Red Hat Bugzilla – Bug 208765
kernel panic - system freeze - changed selinux-policy-strict
Last modified: 2007-11-30 17:11:44 EST
Description of problem: System froze twice when I changed the selinux policy to
strict. I could access anything to fix it, I had to rebuild my system twice.
Version-Release number of selected component (if applicable):
How reproducible: Happened twice using the kernel 2.6.17-1.2187_FC5smp, and the
other optional kernel-similar to the above kernel.
Steps to Reproduce:
1.installed selinux strict policy using kyum first time, and konsole the second time
2.Changed policy to strict in selinux
3.Rebooted-system froze twice!!!
Actual results:System froze had to rebuild system twice. It couldn't kill init!
Expected results: selinux to work in a stricter/safer way.
Additional info: here is the info the computer gave me: /sbin/init: error
while loading shared libraries: libsepol.so.1: failed to map segment from shared
object: Permission denied kernel panic-not syncing: Attempting to kill init!
In order to switch to strict policy, you need to follow the following steps
change /etc/selinux/config to strict policy
reboot in permissive mode, so the relabeling will success
reboot in enforcing mode.