Red Hat Bugzilla – Bug 175529
selinux causes boot failure
Last modified: 2007-11-30 17:11:18 EST
Clean current rawhide installation needs 'selinux=0' on the kernel command line
to boot. Otherwise...
no fstab.sys, mounting internal defaults
Switching to new root and running init.
unmounting old /dev
unmounting old /proc
unmounting old /sys
Kernel panic - not syncing: Attempted to kill init!
[C0000000028EBB40] [C00000000002B7C4] .show_stack+0x54/0x1f0 (unreliable)
[C0000000028EBBF0] [C000000000067B20] .panic+0x90/0x230
[C0000000028EBCB0] [C00000000006DCCC] .do_exit+0xb4c/0xdb0
[C0000000028EBD90] [C00000000006DF80] .do_group_exit+0x50/0xd0
[C0000000028EBE30] [C0000000000085F8] syscall_exit+0x0/0x40
What init, and what policy?
I *think* this is because policy is accidentally getting removed.
20051211 rawhide -- SysVinit-2.85-42 and selinux-policy-targeted-2.1.2-1
This is uranus.cambridge.redhat.com; talk to me on irc, or dhowells or pnasrat
or one of many others, to find its root password.
Same exit happens when booted with init=/bin/bash, btw.
Hm, sounds almost kernel-related then. Do older kernels work?
Not sure -- I haven't had selinux enabled on a rawhide machine for some time.
I'll back down to a kernel before the gcc 4.1 switch and see what happens.
Can you boot with enforcing=0? Is this a fresh install? If yes, the install
was not builing the policy file successfully and init will blow up if there is
no policy file on disk. There is a fix to init to output an error when the
policy file does not exist. You can create a new policy file by executing
semodule -b /usr/share/selinux/targeted/base.pp
I'm seeing this with a fresh install of today's rawhide kernel-2.6.14-1.1777_FC5.
Looks like no policy is installed:
-bash-3.00# rpm -qa selinux\*
-bash-3.00# rpm -qf /etc/selinux/config
file /etc/selinux/config is not owned by any package
This was a kickstart install. There was no selinux line in the original ks
file, but the installed anaconda-ks.cfg does show "selinux --enforcing".
Perhaps an anaconda issue?
Installing selinux-policy-targeted and running fixfiles relabel has me up and
does a /etc/selinux/targeted/policy/policy.20 file exist?
It does now. Date is after I installed selinux-policy-targeted.
# ls -l /etc/selinux/targeted/policy/policy.20
-rw-r--r-- 1 root root 653973 Dec 22 12:09 /etc/selinux/targeted/policy/policy.20
So is the system still crashing. I am not seeing this here. I know the /home
and /root directories are mislabeled.
restorecon -R -v /home /root
Should clear that up.
Working to get anaconda fixed.
System is fine now as indicated in comment #8. Although I am seeing lots of
avc: denied messages. I'll deal with those separately.