semodule returns "cannot allocate memory" --
Edward Kuns
ekuns at kilroy.chi.il.us
Sun Aug 2 20:39:50 UTC 2009
A module previously loaded disappeared when I had to totally reload
policy from scratch on a Fedora 8 -> 11 upgrade. By "totally reload" I
mean:
# cd /etc/selinux/targeted
# mv modules modules.old
# yum erase selinux-policy selinux-policy-targeted
# yum install selinux-policy selinux-policy-targeted
The above fixed my corrupted policy that nothing else appeared to be
able to fix, but I forgot to reload some custom modules that I have
locally, only one of which seems to be needed today (for mailman).
Today I tried to reload this custom module and I got:
So I tried to reload it:
[root at kilroy policy]# semodule -i mymailman.pp
SELinux: Could not load policy
file /etc/selinux/targeted/policy/policy.24: Cannot allocate memory
/usr/sbin/load_policy: Can't load policy: Cannot allocate memory
libsemanage.semanage_reload_policy: load_policy returned error code 2.
SELinux: Could not load policy
file /etc/selinux/targeted/policy/policy.24: Cannot allocate memory
/usr/sbin/load_policy: Can't load policy: Cannot allocate memory
libsemanage.semanage_reload_policy: load_policy returned error code 2.
semodule: Failed!
I rebooted and tried again to the same result.
I currently have selinux-policy (and -targeted) 3.6.12-69.fc11. Well, I
tried the above again (move and reinstall of policy) and got the
following failure on the reinstall:
Installing : selinux-policy-3.6.12-69.fc11.noarch
1/4
Installing : selinux-policy-targeted-3.6.12-69.fc11.noarch
2/4
SELinux: Could not load policy
file /etc/selinux/targeted/policy/policy.24: Cannot allocate memory
/usr/sbin/load_policy: Can't load policy: Cannot allocate memory
libsemanage.semanage_reload_policy: load_policy returned error code 2.
libsemanage.semanage_install_active: Could not
copy /etc/selinux/targeted/modules/active/policy.kern
to /etc/selinux/targeted/policy/policy.24. (No such file or directory).
semodule: Failed!
Installing : setroubleshoot-2.1.14-2.fc11.i586
3/4
Installing : policycoreutils-gui-2.0.62-12.12.fc11.i586
4/4
So now I think I'm worse off than before. How do I fix this? By the
way, this server has 4 GB memory, so it's hard to believe I'm truly out
of memory. Also, swap is not being used. But if I look
in /var/log/messages, I see the following:
vmap allocation for size 3801088 failed: use vmalloc=<size> to increase
size.
How do I fix this, and just how bad is my selinux messed up?
Thanks
Eddie
More information about the fedora-selinux-list
mailing list