getting SELinix back active, cannot boot right now if active
Jim Cornette
fct-cornette at insight.rr.com
Thu Sep 15 02:17:15 UTC 2005
Bikehead wrote:
> Jim Cornette wrote:
>
>> John Ellson wrote:
>>
>>> Willem Riede wrote:
>>>
>>>> On 09/13/2005 10:10:15 AM, Build System wrote:
>>>>
>>>>
>>>>> kernel-2.6.13-1.1552_FC5
>>>>> ------------------------
>>>>> * Tue Sep 13 2005 Dave Jones <davej at redhat.com>
>>>>> - 2.6.14-rc1
>>>>>
>>>>> * Mon Sep 12 2005 Dave Jones <davej at redhat.com>
>>>>> - 2.6.13-git12
>>>>>
>>>>
>>>>
>>>>
>>>>
>>>> On my Opteron the x86_64 kernel panics early in the boot process
>>>> [some event preceeded this but is scrolled off screen to fast to read]:
>>>>
>>>> Code: 0f 0b 68 3b 96 37 80 c2 96 02 eb 20 48 8b 02 48 83 c2 18 48
>>>> RIP <ffffffff801688f1>{kmem_find_general_cachep+10} RSP
>>>> <ffffffff80567ee8>
>>>> <0>Kernel panic - not syncing: Attempted to kill the idle task!
>>>>
>>>> Call Trace:<ffffffff80134c51>{panic+133}
>>>> <ffffffff80354245>{spin_unlock_irq+9}
>>>> <ffffffff80353bd3>{__down_read+50} <ffffffff8010f2da>{show_stack+202}
>>>> <ffffffff803541e8>{_spin_lock_irqsave+9}
>>>> <ffffffff80203011>{__up_read+19}
>>>> <ffffffff801376bf>{do_exit+149}
>>>> <ffffffff80259662>{do_unblank_screen+45}
>>>> <ffffffff8010f7bc>{default_do_nmi+0}
>>>> <ffffffff8010ff63>{do_invalid_op+163}
>>>> <ffffffff801688f1>{kmem_find_general_cachep+10}
>>>> <ffffffff8010e86d>{error_exit+0}
>>>> <ffffffff801688f1>{kmem_find_general_cachep+10}
>>>> <ffffffff80169775>{kmalloc_node+15}
>>>> <ffffffff8016bd16>{kmem_cache_create+2066}
>>>> <ffffffff8057db08>{kmem_cache_init+661}
>>>> <ffffffff80568753>{start_kernel+323} <ffffffff8056821d>{_sinittext+541}
>>>>
>>>> I hope I have better luck with tomorrow's kernel... Willem Riede.
>>>>
>>>>
>>>>
>>>>
>>> Nope. I'm having the same problem with 1553 today. (at least,
>>> sounds like the same, but I haven't
>>> versified the details of the panic).
>>>
>>> I'm back to 1549 on x86_64
>>>
>>> Also, 155[23] fail on all i386 boxes unless I start with selinux=0
>>
>>
>>
>> I tried kernel versions from FC4 and they failed unless selinux=0 was
>> passed to the kernel. I even went into runlevel 1 with selinux=0 and
>> running fixfiles relabel. The halt that I get with selinux enabled is
>> the ID"1" on tty1, ID "2" on tty2 .....tty6
>>
>> Before relabeling, I got the lockup during detecting hardware when
>> booting.
>>
>> Jim
>>
>>>
>>> John
>>>
>>
>>
> After upgrading two days ago, I cannot boot without selinux=0. The
> kernel stop after "Initializing hardware...". I get a *lot* of messages
> like "/etc/selinux/targeted/context/files/file_contexts: line 1729 has
> invalid context system_u:object_r:bin_t". Usually the line number
> changes, but there are other files and context. In fact there are so
> many messages I cannot scroll to the top to see what starts it.
>
> It appears there is something wrong with the targeted context files, but
> nothing appears in the log so I cannot assertain the root cause of the
> context failure.
>
> I tried relabeling with no success. I even wiped my disk, reinstalled
> FC4 and did a fresh upgrade to development. I see the exact same
> behavior. Is anyone else seeing this? If I've done something to screw
> up selinux how do I get it back?
>
>
This happened to me from 9/8/2005 when mentioned on this date. Russel
looked at some of the avc errors that seemed to point to the below excerpt.
rc>It looks like the main problem is related to udev as the device nodes
rc>have the wrong labels.
He also mentioned booting with audit=1 to get more descriptive error
messages.
rc>Booting with "audit=1" in these situations is a good idea as it makes
rc>the AVC messages much more informative.
I also did a fresh install of FC4, upgraded to the most recent updates,
then trailed up to development. I did not experience the boot problem
until I finally installed some "se*" packages via yum.
A problem with a corrupted rpmdb put me into a loop and prevented me
from being able to install packages related to ImageMagick. I was not
able to update all my programs until after I ran rpm --rebuilddb which
corrected the error related to ImageMagick. After all this was
corrected, the system still would not boot successfully w/ selinux
active. The system installs updates now, with no need to exclude
programs for update.
Jim
--
C'mon! political protest! sheesh. Where's that anarchist spirit? ;-)
-- Decklin Foster
More information about the fedora-test-list
mailing list