692602 – systemd produces selinux error msg during boot, but selinux=disabled in my /etc/selinux/config

Bug 692602 - systemd produces selinux error msg during boot, but selinux=disabled in my /etc/selinux/config

Summary: systemd produces selinux error msg during boot, but selinux=disabled in my /e...

Keywords:
Status:	CLOSED DUPLICATE of bug 692573
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	systemd
Sub Component:
Version:	15
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	urgent
Target Milestone:	---
Assignee:	Lennart Poettering
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2011-03-31 16:48 UTC by Joachim Backes
Modified:	2011-04-01 15:16 UTC (History)
CC List:	9 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2011-03-31 19:07:58 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Joachim Backes 2011-03-31 16:48:40 UTC

Description of problem:
after having updated to the most recent packages (including update to 
systemd-21-2.fc15.x86_64), I see a lot of SElinux error messages during 
boot:

Failed to load SElinux policy
Failed to set security context system_u:object_r:sysfs_t:s0 for /sys: 
Invalid argument
Failed to mount /sys/fs/cgroup/systemd: No such file or directory

The boot will not finish!

These messages appear repeatedly during boot.

What I find weird (and this is the reason for this bugzilla, not the systemd misbehaviour):

in my /etc/selinux/config I have selinux disabled:

--------------------------- snip ---------------------------------
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
#SELINUX=enforcing
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
#     targeted - Targeted processes are protected,
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted 
---------------------------snap -------------------------------------

Nevertheless this systemd pitfall blocks my system!
Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:

Comment 1 Andrew McNabb 2011-03-31 18:52:23 UTC

When I upgraded my Fedora 15 Alpha system from systemd 20 to systemd 21, I encountered these same error messages. As in Joachim's case, I have selinux disabled.

Comment 2 Andrew McNabb 2011-03-31 19:00:29 UTC

By the way, I tried booting with systemd.unit=rescue.target and sytsemd.unit=emergency.target, and the system hung at the selinux errors in both cases. Since it now appears to be impossible to boot the system by any means less drastic than init=/bin/sh, I think the severity of this issue is urgent. Is there any other information that would be helpful for this bug report?

Comment 3 Iven Hsu 2011-03-31 19:07:20 UTC

I had the same issue with you, and I found a workaround, just set SELINUX=permissive in /etc/sysconfig/selinux.

Comment 4 Michal Schmidt 2011-03-31 19:07:47 UTC

There seems to be a bug when SELinux is disabled via the config file. Try using "selinux=0" on the kernel command line.

Comment 5 Michal Schmidt 2011-03-31 19:07:58 UTC


*** This bug has been marked as a duplicate of bug 692573 ***

Note You need to log in before you can comment on or make changes to this bug.