Red Hat Bugzilla – Bug 139574
syslogd hangs on startup when /var is symlinked to non-root partition
Last modified: 2007-11-30 17:10:54 EST
From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5) Gecko/20041111 Firefox/1.0 Description of problem: To save a little space in my 4G root partition (/dev/hda2) I created a /var directory under /part2 (/dev/hda4). In single user mode I used tar to copy all of /var to /part2/var preserving file ownerships and permissions. I then created a symlink from /var to /part2/var. When the remainder of the boot process got as far as starting syslogd, the machine hung. Version-Release number of selected component (if applicable): sysklogd-1.4.1-22 How reproducible: Always Additional info: I can reproduce the problem without rebooting my machine. I shutdown syslogd. Put the symlink in place and restarted syslogd (/sbin/syslogd -m 0) and it hangs. The following output is from strace when starting syslogd. execve("/sbin/syslogd", ["syslogd", "-m", "0"], [/* 20 vars */]) = 0 uname({sys="Linux", node="pc.ve3syb.on.ca", ...}) = 0 brk(0) = 0xf85d5000 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) open("/etc/ld.so.cache", O_RDONLY) = 3 fstat64(3, {st_mode=S_IFREG|0644, st_size=78233, ...}) = 0 old_mmap(NULL, 78233, PROT_READ, MAP_PRIVATE, 3, 0) = 0xf6fce000 close(3) = 0 open("/lib/tls/libc.so.6", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0 /C\000"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0755, st_size=1512400, ...}) = 0 old_mmap(NULL, 1207532, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xf6ea7000 old_mmap(0xf6fc8000, 16384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x120000) = 0xf6fc8000 old_mmap(0xf6fcc000, 7404, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xf6fcc000 close(3) = 0 old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xf6ea6000 mprotect(0xf6fc8000, 8192, PROT_READ) = 0 mprotect(0xf6ff7000, 4096, PROT_READ) = 0 set_thread_area({entry_number:-1 -> 6, base_addr:0xf6ea68e0, limit:1048575, seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1, seg_not_present:0, useable:1}) = 0 munmap(0xf6fce000, 78233) = 0 getpid() = 27831 chdir("/") = 0 brk(0) = 0xf85d5000 brk(0xf85f6000) = 0xf85f6000 open("/var/run/syslogd.pid", O_RDONLY) = -1 EACCES (Permission denied) rt_sigaction(SIGTERM, {0xf6ffb104, [TERM], SA_RESTORER|SA_RESTART, 0xf6ecea48}, {SIG_DFL}, 8) = 0 clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0xf6ea6928) = 27832 rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0 rt_sigaction(SIGCHLD, NULL, {SIG_DFL}, 8) = 0 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 --- SIGCHLD (Child exited) @ 0 (0) --- nanosleep({300, 0}, There was no syslogd.pid file before starting syslogd.
Firstly, make sure that the new /var partition (/part2) is mounted at the same time as / in /etc/fstab - the sixth field (pass_no) must be no greater than 2. It sounds like you have SELinux enabled - syslogd has the incorrect file contexts for /part2/var/{run,log} : open("/var/run/syslogd.pid", O_RDONLY) = -1 EACCES (Permission denied) This problem would disappear if you can mount the whole of /part2 under /var: # cd /part2 # mv var/* . # rmdir var # cd / # umount /part2 # mount /dev/hda4 /var and then relabel to get the correct selinux file contexts: # restorecon -R /var OR you could try doing the above, with the restorecon, and then move all the relabeled directories back to /part2/var, and then the link from /var to /part2/var MIGHT work - you may have to add policy for /var for syslogd & klogd. OR you could disable selinux: edit /etc/selinux/config and set SELINUX=disabled See documents in /usr/share/SELinux .
I now have some updated information - you need to use 'setfiles' instead of restorecon : You can retain use of the /part2/var directory as follows: Having moved / untar'ed the /var directory under /part2 : # setfiles -r /part2 \ /etc/selinux/targeted/contexts/files/file_contexts /var # rm -f /var # mkdir /var # mount -o bind /part2 /var and add this line to /etc/fstab: /part2/var /var none bind 0 2
I'll try some of the suggestions. I generally run my machine with high security as a way to test setups for client machines. The seinfo command says there is no policy.conf file so I will disable selinux for now until I can create a policy file for the machine. FYI, I selected to enable SELinux during the install of FC3. I did not change the default configuration of SELinux after install. /etc/selinux/config indicates 'enforcing' and 'targeted'. 'enforcing' may be why syslogd hung without providing any indication it was running in to a problem with an SELinux policy. I will try it with 'permissive' to see if that gives me an error message instead of just having the daemon hang.