Bug #518164 exposed an issue during initscripts because it no longer checks /proc/mounts to determine if /selinux is really selinuxfs. [root@newcaprica i386]# ls -l selinux/ total 16 drwxr-xr-x. 2 root root 4096 2009-09-08 12:57 booleans -rwxr-xr-x. 1 root root 0 2009-09-08 12:57 commit_pending_bools -rwxr-xr-x. 1 root root 1 2009-09-08 12:57 enforce crw-r--r--. 1 root root 1, 3 2009-09-08 12:57 load -rwxr-xr-x. 1 root root 1 2009-09-08 12:57 mls -rwxr-xr-x. 1 root root 3 2009-09-08 12:57 policyvers [root@newcaprica i386]# cat selinux/policyvers 999 This fake /selinux is leftover from livecd-tools' creator.py as run via a subclassed ImageCreator class. It is failing to clean up the fake /selinux. This might have broken anytime in the last 2 years (or might have been there forever), but we never noticed any problem because initscripts didn't look at a fake /selinux before. This currently breaks systems like NFS netboot where it is impossible to use selinux.
Interesting, the fake /selinux is within yesterday's nightly LiveCD image too.
I'll look at patching this soon.
Fixed in livecd-tools-027