[FC3] kernel panic after selinux-policy-targeted update
Russell Coker
russell at coker.com.au
Tue Jun 28 07:15:43 UTC 2005
On Tuesday 28 June 2005 00:56, Stephen Smalley <sds at tycho.nsa.gov> wrote:
> > Now I cannot boot into FC3 at all (I'm posting this from Windows). This
> > is the error I get:
> >
> > audit(1119882959.657:0): avc: denied { execmod } for pid=1 comm=init
> > path=/lib/tls/libc-2.3.5.so dev=hda3 ino=2638668
> > scontext=user_u:system_r:unconfined_t tcontext=system_u:object_r:shlib_t
> > tclass=file
> > /sbin/init: error while loading shared libraries : /lib/tls/libc.so.6:
> > cannot apply additional memory protection after relocation: Permission
> > denied
> > Kernel panic - not syncing: Attempted to kill init!
>
> What is your hardware? ppc32 by any chance? execmod has to be allowed
> to all file types on that platform (or, as in kernel 2.6.12, the check
> has to be disabled completely for ppc32).
>
> /usr/sbin/getsebool allow_execmod shows what?
I've just tried reproducing this on a P4-1.5GHz machine specifically installed
for the purpose.
I upgraded to all the latest packages including kernel-2.6.11-1.35_FC3 and
selinux-policy-targeted-sources-1.17.30-3.13. Things worked fine.
Until I get more detail on this (type of CPU, kernel version, etc) I'll
conclude that it was a broken configuration.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=161867
The above bugzilla has a similar bug report, I've closed it with WORKSFORME.
The person who reported it can reopen the bug if they have more information
that may allow me to reproduce the bug.
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
More information about the fedora-selinux-list
mailing list