Bug 120048 – Recent SELinux package upgrade creates Kernel Panic

Bug 120048 - Recent SELinux package upgrade creates Kernel Panic

Summary:	Recent SELinux package upgrade creates Kernel Panic

Status:	CLOSED DUPLICATE of bug 119981

Aliases:	None

Product:	Fedora
Classification:	Fedora
Component:	policycoreutils (Show other bugs)
Sub Component:
Version:	2
Hardware:	i386 Linux

Priority	medium Severity high
Target Milestone:	---
Target Release:	---
Assigned To:	Daniel Walsh
QA Contact:
Docs Contact:

URL:
Whiteboard:
Keywords:

Depends On:
Blocks:
	Show dependency tree / graph

Reported:	2004-04-05 11:09 EDT by Brandon Petersen
Modified:	2007-11-30 17:10 EST (History)
CC List:	2 users (show)

See Also:
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2006-02-21 14:02:25 EST
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Groups: None (edit)

Description Brandon Petersen 2004-04-05 11:09:13 EDT

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6)
Gecko/20040225 Firefox/0.8

Description of problem:
A very recent yum upgrade of SELinux for Fedora Core2 Test2, possibly
policycoreutils, is causing a Kernel Panic during bootup.  I ran 'yum
upgrade' on the morning of April 5, 2004.  It updated the kernel,
SELinux packages and more.

After I attempted to boot, it says:

Enforcing mode requested but no policy loaded. Halted now.
Kernel Panic: Attempted to kill init!



Version-Release number of selected component (if applicable):
policycoreutils

How reproducible:
Always

Steps to Reproduce:
1.  Run 'yum upgrade' on Fedora Core 2 Test 2
2.  Reboot the machine
    

Actual Results:  During the boot process I get:

Enforcing mode requested but no policy loaded. Halted now.
Kernel Panic: Attempted to kill init!

The computer will go no farther and will not completely boot.

Expected Results:  Ability to boot the computer.

Additional info:

I wish I wrote down all the upgrades that occurred, but it was the
updates available on the morning of April 5, 2004.

I am running a Dell Dimension 2100.  It has 196mb of ram, an Intel
Celeron 800mhz.  It uses the Intel 810 video card.

Comment 1 Konstantin Ryabitsev 2004-04-05 12:25:33 EDT

Seeing this, too, identical report.

Also, to resolve the situation I set selinux=permissive in
/etc/sysconfig/selinux, and now I get:

idicon@hagrid:[~]$ id -Z
Sorry, --context (-Z) can be used only on a selinux-enabled kernel.

Which doesn't seem to be an expected behavior.

Comment 2 Daniel Walsh 2004-04-05 14:23:27 EDT

Do you have a selinux=0 in the grub.conf?

This indicates you are booting a kernel with SELinux support turned off.
Of you do not have a policy file installed.

Dan

Comment 3 Konstantin Ryabitsev 2004-04-05 14:25:14 EDT

I noticed that /etc/security/selinux/policy.16 file was apparently
named /etc/security/selinux/policy. (trailing dot, no 16). After
moving it to .16, it worked.

Comment 4 Brandon Petersen 2004-04-05 14:32:46 EDT

Thanks for the info about the policy file, the machine now nearly loads.  

When I boot normally, I now get an unending stream of the following
error message:

audit(1081178872.934:0): avc: denied { write } for pid=1063
exe=/sbin/klogd_name=log dev=hda2 ino=762650
scontext=system_u:system_r:klodg_t tcontext=system_u:object_r:file_t
tclass=sock_file

Brandon Petersen

Comment 5 Miloš Komarčević 2004-04-05 14:37:02 EDT

Me thinks this is a dupe of bug 119981

Boot with enforcing=0, relabel, then reboot normally.

Comment 6 Brandon Petersen 2004-04-05 14:48:11 EDT


*** This bug has been marked as a duplicate of 119981 ***

Comment 7 Red Hat Bugzilla 2006-02-21 14:02:25 EST

Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.

Note You need to log in before you can comment on or make changes to this bug.