Boot messages in 2.6.8-524

[Steve G]

Hi,

I just got yesterday's updates compiled and installed. Upon first boot, I got a
message like this:

Mounting local filesystem
Can't open RNG file /dev/hw_random no such file or directory
enable swap...

I haven't seen this before. I traced the message string to /sbin/rngd. Is this
error something that we should worry about? Something wanted a random number and
it aint gonna get it.

This prompted me to look deeper into the boot messages since there's a lot of new
changes regarding kudzu, hal, dbus, and the kernel. The issues I found will be
listed in the sequence they appeared in my logs:

Aug 21 09:00:13 buildhost kernel: SELinux:  Initializing.
Aug 21 09:00:13 buildhost kernel: SELinux:  Starting in permissive mode
Aug 21 09:00:13 buildhost kernel: There is already a security framework
initialized, register_security failed.
Aug 21 09:00:13 buildhost kernel: selinux_register_security:  Registering
secondary module capability
Aug 21 09:00:13 buildhost kernel: Capability LSM initialized as secondary

OK, why did selinux fail registering?

Aug 21 09:00:14 buildhost kernel: ksign: Installing public key data
Aug 21 09:00:14 buildhost kernel: Loading keyring
Aug 21 09:00:14 buildhost kernel: - Added public key D9E600F29CF41CA4
Aug 21 09:00:14 buildhost kernel: - User ID: Red Hat, Inc. (Kernel Module GPG
key)
Aug 21 09:00:14 buildhost kernel: ksign: invalid packet (ctb=00)
Aug 21 09:00:14 buildhost kernel: Unable to load default keyring: error=74

Why is there an invalid packet and why did the keyring fail to load?

Aug 21 09:00:15 buildhost kernel: md: md driver 0.90.0 MAX_MD_DEVS=256,
MD_SB_DISKS=27
Aug 21 09:00:15 buildhost hal.hotplug[1684]: error sending message to hald
Aug 21 09:00:15 buildhost kernel: NET: Registered protocol family 2
Aug 21 09:00:15 buildhost kernel: IP: routing cache hash table of 2048 buckets,
64Kbytes
Aug 21 09:00:15 buildhost kernel: TCP: Hash tables configured (established 262144
bind 37449)

Hmmm something failed to send a message to hald. What was the dbus & hald boot
priority?

Aug 21 09:00:16 buildhost kernel: security:  3 users, 4 roles, 251 types, 12
bools
Aug 21 09:00:16 buildhost kernel: security:  53 classes, 3895 rules
Aug 21 09:00:16 buildhost kernel: SELinux:  Completing initialization.

SE Linux is just now finishing its init? Why have other daemons and SE Linux
applications been running? Is there a synchonization barrier that stops any SE
Linux aware application from running until the whole rule set is finished
loading? Is there a window of opportunity that a malicious application could run
before SE Linux has done its thing? Like maybe disable SE Linux?

Aug 21 09:00:16 buildhost kernel: Adding 2096440k swap on /dev/sda5.  Priority:-1
extents:1
Aug 21 09:00:16 buildhost kernel: audit(1093093168.059:0): avc:  denied  {
mounton } for  pid=1117 exe=/bin/mount path=/proc/sys/fs/binfmt_misc dev=proc
ino=-268435430 scontext=user_u:system_r:unconfined_t
tcontext=system_u:object_r:sysctl_t tclass=dir
Aug 21 09:00:16 buildhost kernel: audit(1093093168.059:0): avc:  denied  {
mounton } for  pid=1117 exe=/bin/mount path=/proc/sys/fs/binfmt_misc dev=proc
ino=-268435430 scontext=user_u:system_r:unconfined_t
tcontext=system_u:object_r:sysctl_t tclass=dir

Yep, SE Linux is now active, starting to see avc's.

Aug 21 09:00:17 buildhost kernel: Attached scsi generic sg0 at scsi0, channel 0,
id 0, lun 0,  type 0
Aug 21 09:00:17 buildhost kernel: kudzu: Using deprecated /dev/sg mechanism
instead of SG_IO on the actual device

Are there plans to fix kudzu not to use a deprecated mechanism?

Aug 21 09:00:18 buildhost crond: crond startup succeeded
Aug 21 09:00:18 buildhost anacron: anacron startup succeeded
Aug 21 09:00:19 buildhost messagebus: messagebus startup succeeded
Aug 21 09:00:19 buildhost haldaemon: haldaemon startup succeeded

OK, way down here at the very end haldaemon is active. Isn't this way late?

-Steve Grubb


		
_______________________________
Do you Yahoo!?
Win 1 of 4,000 free domain names from Yahoo! Enter now.
http://promotions.yahoo.com/goldrush