Bug 122597 - kernel 2.6.5-1.349 and 2.6.5-1.350 runs in selinux mode even though selinux=0 set at boot
kernel 2.6.5-1.349 and 2.6.5-1.350 runs in selinux mode even though selinux=0...
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: kernel (Show other bugs)
rawhide
i686 Linux
medium Severity medium
: ---
: ---
Assigned To: Arjan van de Ven
Brian Brock
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2004-05-06 01:49 EDT by kb
Modified: 2007-11-30 17:10 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-05-19 03:01:05 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description kb 2004-05-06 01:49:34 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8a)
Gecko/20040423

Description of problem:
kernel 2.6.5-1.349 and 2.6.5-1.350 runs in selinux mode even though
selinux=0 set at boot

this couses audit messages like (grabbed one from the log):
May  6 07:27:03 computer kernel: audit(1083821196.292:0): avc:  denied
 { read } for  pid=300 exe=/bin/bash name=mysqld dev=hda2 ino=885284
scontext=system_u:system_r:kernel_t
tcontext=system_u:object_r:mysqld_var_run_t tclass=dir

and many more.

last known working kernel is 2.6.5-1.327

policy-1.11.2-21
SysVinit-2.85-25

anything else you need to know?

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. install kernel 2.6.5-1.350
2. set the boot configuration in grub.conf or equivalent to:
title Fedora Core (2.6.5-1.350)
	root (hd0,0)
	kernel /vmlinuz-2.6.5-1.350 ro root=LABEL=/ rhgb selinux=0
	initrd /initrd-2.6.5-1.350.img
3. reboot, select this kernel when prompted

Additional info:
Comment 1 kb 2004-05-19 00:59:52 EDT
no problems with 2.6.5-1.358
-> close

Note You need to log in before you can comment on or make changes to this bug.