[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [FC3] kernel panic after selinux-policy-targeted update




From: Ben Stringer <ben burbong com>
Subject: Re: [FC3] kernel panic after selinux-policy-targeted update


On Tue, 2005-06-28 at 17:15 +1000, Russell Coker wrote:



Until I get more detail on this (type of CPU, kernel version, etc) I'll conclude that it was a broken configuration.


Hi Russell,

I got hit by this one. Some details:

Dell Inspiron 8600 laptop, Centrino 1.6Ghz, running 2.6.11-1.27_FC3. An "everything" installation of FC3, kept updated from fedora-updates and livna. Using the 2100 wireless NIC at the time.

I did an update this afternoon, which included the selinux policy update and the latest kernel (kernel-2.6.11-1.35_FC3). During the yum update, things started breaking as the update applied the new policies (eg. I couldn't use ssh from the laptop to other hosts).

When I tried to shutdown, I got many messages like this:

Jun 28 18:56:00 ben8600 kernel: audit(1119948960.209:0): avc: denied { execmod } for pid=13420 comm=mingetty path=/lib/tls/libc-2.3.5.so
dev=hda11 ino=20455 scontext=user_u:system_r:unconfined_t
tcontext=system_u:object_r:lib_t tclass=file


My only option was to power off the laptop. I then had to boot with enforcing=0 (and a considerable amount of fscking) to get back up.

If there is any other information I can give you to help reproduce this, let me know.

Cheers, Ben




Similar results here:
Dell Latitude D600 Pentium 4M 1.4GHz
kernel 2.6.11-1.35_FC3 and all fedora-updates updates (no other repos)
Using a Broadcom 4306 (Dell TrueMobile 1450) wireless card

I too saw the avc errors (possibly others that I did not see). I did not have the kernel panic, and while I got more errors on reboot, none caused the system to lock up. Booting with enforcing=0 stopped the errors.
Executing
su -
rpm -ev selinux-policy-targeted selinux-policy-targeted-sources
rm -fR /etc/selinux/targeted/
yum install selinux-policy-targeted-1.17.30-3.9.noarch selinux-policy-targeted-sources-1.17.30-3.9.noarch
touch /.autorelabel


and a reboot cleared all the errors. Let me know if more information can help.

Erik


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]