Problem with Selinux when upgrading from FC3 to FC6

[andrew.z.savva at jpmorgan.com]

Hi,

I recently upgraded a fedora core 3 machine to FC6 and have a serious 
problem getting it to function correctly.

On boot up many of the services complain about missing shared libraries, 
e.g. libssl, libdl.so, etc. However, the system continues on and gets to a 
(text based) login prompt. I log in on the console and none of the 
commands work. I try simple commands like "ls", "w", "ifconfig", "init" 
and it complains about missing libc.so and other really fundamental system 
libraries.

However what is really strange is that I rebooted into single user mode 
(i.e. run level 1) and I can log in okay and I can run the above commands 
as normal! I checked to see if the libraries exist on the disk and 
everything is perfectly fine. In fact I managed to get a crippled system 
running from run level 1 and successfully got a network running and 
started services like postfix, asterisk and httpd without any problems.

If I enter run level 3 or 5 then nothing is accessible from root or 
through an ordinary user account. I tried various methods of login in 
including ssh, sftp, etc and each time I am told that the shared library 
doesn't exist. I did a bit of poking around in run level 3 and although I 
cannot "ls" the shared library files (because "ls" doesn't work) I can 
still cd /lib and I can use filename completion to show the files. Then I 
decided to try run on and I found that running a shared library presents 
you with information about the lib, e.g. version, GNU licence, etc (that's 
the first time I knew you could do that so that was something I learnt). 
This proves that the libraries do exist and they are accessible from run 
level 1.

I tried both a Selinux kernel (the one from FC6) and my original 2.6.18.1 
kernel (without selinux) and both exhibit the same behaviour. When I 
booted into the selinux kernel the filesystem was relabelled by selinux as 
expected.

What I don't understand is that selinux is turned off in 
/etc/sysconfig/selinux and I've never enabled it on my FC3 machine so I 
don't know why it is broken. I checked through the log files and I don't 
see any mention of any selinux problems or any reports from selinux but I 
still thought it might be a selinux related issue.

It's certainly the strangest problem I've ever encountered on Linux. It 
seems to me like the system is denying access to files and that's what led 
me to believe it might be a selinux related issue and as I've never used 
it before I thought it was a likely candidate.

Also I upgraded three other machines (admittedly running different 
flavours of FC) and ran into no problems in the upgrade. One significant 
difference between them was that the FC3 machine had selinux installed 
(but disabled) on it.

I would really appreciate some help because I'm usually able to fix any 
Linux issue and this one has got me stumped. I have completely lost access 
to my machine and to make matters worse it is a remote machine and I only 
get access to it at the weekends!

Thanks in advance,
Andrew.


This communication is for informational purposes only. It is not intended as an offer or solicitation for the purchase or sale of any financial instrument or as an official confirmation of any transaction. All market prices, data and other information are not warranted as to completeness or accuracy and are subject to change without notice. Any comments or statements made herein do not necessarily reflect those of JPMorgan Chase & Co., its subsidiaries and affiliates.

This transmission may contain information that is privileged, confidential, legally privileged, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. Although this transmission and any attachments are believed to be free of any virus or other defect that might affect any computer system into which it is received and opened, it is the responsibility of the recipient to ensure that it is virus free and no responsibility is accepted by JPMorgan Chase & Co., its subsidiaries and affiliates, as applicable, for any loss or damage arising in any way from its use. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. Thank you.
 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-selinux-list/attachments/20061030/3c4c1bdf/attachment.htm>