From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040510 Description of problem: When looking through my kernel startup log I noticed the following lines. SELinux: Initializing. SELinux: Starting in permissive mode There is already a security framework initialized, register_security failed. Failure registering capabilities with the kernel selinux_register_security: Registering secondary module capability Capability LSM initialized As far as I can tell this isn't causing me any problems, but whatever it is I'm sure its not supposed to fail (as far as i know anyway). I am not running SELinux on my system (I just did a default install and never passed the selinux boot option) Version-Release number of selected component (if applicable): kernel-2.6.5-1.358 How reproducible: Always Steps to Reproduce: 1. Boot system 2. View kernel startup log Actual Results: SELinux: Initializing. SELinux: Starting in permissive mode There is already a security framework initialized, register_security failed. Failure registering capabilities with the kernel selinux_register_security: Registering secondary module capability Capability LSM initialized Expected Results: Don't know what the expected behavior should be, all I know is it shouldn't fail. Additional info:
This is a result of unfortunate error logging: The failure is that of the capability module to register itself as a primary LSM. It next succeeds in being loaded as a secondary. SO there appears to be no problem loading selinux on your machine.
(I use ext2 for /boot and xfs for /) I get the same error message as Adam at the top of dmesg, but lower down get the following: RAMDISK: Compressed image found at block 0 VFS: Mounted root (ext2 filesystem). SGI XFS with ACLs, security attributes, large block numbers, no debug enabled kmem_cache_create: duplicate cache linvfs_icache ------------[ cut here ]------------ kernel BUG at mm/slab.c:1383! invalid operand: 0000 [#1] SMP CPU: 0 EIP: 0060:[<021384b0>] Not tainted EFLAGS: 00010202 (2.6.5-1.358custom) EIP is at kmem_cache_create+0x4c8/0x546 eax: 42926061 ebx: 41e30d70 ecx: 0245cf90 edx: 0000326d esi: 0231cfec edi: 02315701 ebp: 39e01c80 esp: 41ce7f3c ds: 007b es: 007b ss: 0068 Process insmod (pid: 166, threadinfo=41ce7000 task=39ee87d0) Stack: ff000000 42926061 00000080 42938180 42934600 02351e34 41ce7000 429202bb 00022000 4292028f 00000000 429380df 0000000d 00000000 00000012 00000000 0003f28c 0003e1ab 00000000 000007d0 0000001a 428a9ed0 428a36be 00000000 Call Trace: [<429202bb>] init_inodecache+0x1d/0x37 [xfs] [<4292028f>] init_once+0x0/0xf [xfs] [<429380df>] init_xfs_fs+0x26/0x6e [xfs] [<0212e3a2>] sys_init_module+0x100/0x20e Code: 0f 0b 67 05 7e 56 31 02 8b 1b 8b 03 0f 18 00 90 81 fb 7c cf <5>XFS mounting filesystem hda8 Ending clean XFS mount for filesystem: hda8 Freeing unused kernel memory: 184k freed SELinux: Disabled at runtime. SELinux: Unregistering netfilter hooks NET: Registered protocol family 10 Disabled Privacy Extensions on device 023687e0(lo)
This appears to have been fixed (for me) by upgrading to the newly released kernel, 2.6.6-427smp. Thanks ;)
I have seen an improvement with the new 2.6.6-1.427 kernel, but it hasn't gone away completely. But as I say, its not causing any problems for me, so I'm happy to pass this bug off as unfortunate error logging, like Serge said. If anyone is interested, the error message I get with 2.6.6-1.427 is: SELinux: Initializing. SELinux: Starting in permissive mode There is already a security framework initialized, register_security failed. selinux_register_security: Registering secondary module capability Capability LSM initialized as secondary
I am still getting this showing up in my logs in FC3 using kernel-2.6.9-1.681_FC3. The full message is as follows: - Security Scaffold v1.0.0 initialized SELinux: Initializing. SELinux: Starting in permissive mode There is already a security framework initialized, register_security failed. selinux_register_security: Registering secondary module capability Capability LSM initialized as secondary But as far as i can tell SELinux is working fine on my machine, so Serge's explanation of unfortunate logging is good enough for me. If anyone wants this bug re-opened feel free to do so, but as far as I am concerned, its not a bug.