FIXED Re: semodule returns "cannot allocate memory"
Edward Kuns
ekuns at kilroy.chi.il.us
Sun Aug 2 22:06:34 UTC 2009
On Sun, 2009-08-02 at 15:39 -0500, Edward Kuns wrote:
> [root at kilroy policy]# semodule -i mymailman.pp
> SELinux: Could not load policy
> file /etc/selinux/targeted/policy/policy.24: Cannot allocate memory
> /usr/sbin/load_policy: Can't load policy: Cannot allocate memory
> libsemanage.semanage_reload_policy: load_policy returned error code 2.
> SELinux: Could not load policy
> file /etc/selinux/targeted/policy/policy.24: Cannot allocate memory
> /usr/sbin/load_policy: Can't load policy: Cannot allocate memory
> libsemanage.semanage_reload_policy: load_policy returned error code 2.
> semodule: Failed!
I managed to fix this myself. I edited grub.conf and added the
following to the end of my kernel's line:
vmalloc=192M
then rebooted. After rebooting I thoroughly cleaned things out:
# cd /etc/selinux
# yum erase selinux-policy selinux-policy-targeted
# mv targeted targeted.old
# yum install selinux-policy selinux-policy-targeted setroubleshoot \
policycoreutils-gui
and this time it worked and installed cleanly. I was then able to go
add my two custom policies.
I recently changed video cards (since the old one blew itself up) and
since nouveau misbehaved so badly in this instance and then again with
the new video card, I changed back to the nvidia drivers. I suppose
this could have caused my system to make greater use of the "vmalloc"
area. But does this indicate that policy is getting too large? Or does
this indicate that something is funny with my system? Or perhaps that
more and more people are going to be running into the default 128M limit
and this needs to be raised?
Thanks
Eddie
More information about the fedora-selinux-list
mailing list