Recent SELinux updates seem to cause Kernel Panic
Daniel J Walsh
dwalsh at redhat.com
Mon Apr 5 21:14:50 UTC 2004
Brandon Petersen wrote:
>I got past the kernel panic by setting the kernel parameter
>'selinux=permissive' at the boot up. Thanks for the info about the
>policy file, the machine now nearly loads.
>
>When I boot normally, I now get an unending stream of the following
>error message:
>
>audit(1081178872.934:0): avc: denied { write } for pid=1063
>exe=/sbin/klogd_name=log dev=hda2 ino=762650
>scontext=system_u:system_r:klodg_t tcontext=system_u:object_r:file_t
>tclass=sock_file
>
>
>
This looks like you have a mislabeled file, perhaps caused by the kernel
panic.
You will probably need a relabel.
>Brandon Petersen
>
>
>On Mon, 2004-04-05 at 12:06, Ric Letson wrote:
>
>
>>On Mon, 2004-04-05 at 10:34, Brandon Petersen wrote:
>>
>>
>>>A very recent yum upgrade of SELinux for Fedora Core2 Test2, possibly
>>>policycoreutils, is causing a Kernel Panic during bootup. I ran 'yum
>>>upgrade' on the morning of April 5, 2004. It updated the kernel,
>>>SELinux packages and more.
>>>
>>>After I attempted to boot, it says:
>>>
>>>Enforcing mode requested but no policy loaded. Halted now.
>>>Kernel Panic: Attempted to kill init!
>>>
>>>I wish I wrote down all the upgrades that occurred, but it was the
>>>updates available on the morning of April 5, 2004.
>>>
>>>I am running a Dell Dimension 2100. It has 196mb of ram, an Intel
>>>Celeron 800mhz. It uses the Intel 810 video card.
>>>
>>>I filed this bug under
>>>
>>>http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120048
>>>
>>>But I feel like I didn't gather enough information for this bug report.
>>>What can I do to file a better report about this in the future, besides
>>>printing out the packages that were updated during a 'yum update'?
>>>
>>>Brandon Petersen
>>>
>>>
>>>
>>The upgrade that I think would be most relevant based upon other
>>conversations in the fedora-test-list is the probably upgrade to
>>policy-1.9.2-10
>>
>>
>>If So (and I'm correct on the issue):
>>
>>You may fix your system by booting the rescue image on the first disc
>>(insert the disc, reboot, and type linux rescue at the boot prompt and
>>press return)
>>
>>and renaming a file in /etc/security/selinux/
>>(cd /etc/security/selinux/)
>>
>>*please note: the directory mentioned here (/etc/security/selinux) is
>>relative to where the rescue cd mounts your root partition*
>>
>>The file policy. should be renamed policy.16
>>(mv policy. policy.16)
>>
>>A reboot should then return your system to normal.
>>
>>
>>
>>
>
>
>
>
More information about the fedora-test-list
mailing list