Description of problem: 'mount' and 'fsck' in initscripts failed to read /etc/fstab. As a result, no filesystems are mounted except that root filesystem is remounted as read-only. devpts is not mounted so sshd cannot open terminal for remote login. The problem disappears if "selinux=0" is given as boot parameter or do 'chcon -t etc_runtime_t /etc/fstab'. Version-Release number of selected component (if applicable): rawhide-20060727 selinux-policy-2.3.3-10 selinux-policy-targeted-2.3.3-10 kernel-2.6.17-1.2449.fc6 How reproducible: Always Steps to Reproduce: 1. Install and reboot 2. 3. Actual results: System boots up. No filesystems are mounted except that root filesystem is mounted as read-only. You can login with ssh but you won't see shell prompt. Expected results: All filesystems specified in fstab are mounted. You can see shell prompt when you login with ssh. Additional info: Read failure is caused by type mismatch. # dmesg|grep denied|audit2why ... audit(1154111030.444:71): avc: denied { read } for pid=2759 comm="mount" name="fstab" dev=sdb7 ino=1558532 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:tmp_t:s0 tclass=file Was caused by: Missing or disabled TE allow rule. Allow rules may exist but be disabled by boolean settings; check boolean settings. You can see the necessary allow rules by running audit2allow with this audit message as input. ... # dmesg|grep denied| audit2allow allow fsadm_t tmp_t:file read; allow mount_t tmp_t:file read; allow nmbd_t samba_log_t:dir create; allow pam_console_t tmp_t:file read; allow smbd_t samba_log_t:dir create; allow udev_t watchdog_device_t:chr_file create; There seems other files are access denied with similar reason, BTW. The problem could be worked around by change the type of fstab. # newrole -t initrc_t # mount /boot warning: can't open /etc/fstab: Permission denied mount: can't find /boot in /etc/fstab or /etc/mtab # chcon -t etc_runtime_t /etc/fstab # mount /boot (success)
Why is fstab labeled tmp_t. It should be labeled etc_t. If you create fstab in /tmp and then mv it to /etc this could happen. You need to restorecon /etc/fstab.
You're right. Thanks. fstab is modified and mv from /tmp in kickstart post-installation script.