getting SELinix back active, cannot boot right now if active

Bikehead wrote:
Jim Cornette wrote:

John Ellson wrote:

Willem Riede wrote:

On 09/13/2005 10:10:15 AM, Build System wrote:
* Tue Sep 13 2005 Dave Jones <davej redhat com>
- 2.6.14-rc1

* Mon Sep 12 2005 Dave Jones <davej redhat com>
- 2.6.13-git12

On my Opteron the x86_64 kernel panics early in the boot process
[some event preceeded this but is scrolled off screen to fast to read]:

Code: 0f 0b 68 3b 96 37 80 c2 96 02 eb 20 48 8b 02 48 83 c2 18 48
RIP <ffffffff801688f1>{kmem_find_general_cachep+10} RSP <ffffffff80567ee8>
<0>Kernel panic - not syncing: Attempted to kill the idle task!

Call Trace:<ffffffff80134c51>{panic+133} <ffffffff80354245>{spin_unlock_irq+9}
<ffffffff80353bd3>{__down_read+50} <ffffffff8010f2da>{show_stack+202}
<ffffffff803541e8>{_spin_lock_irqsave+9} <ffffffff80203011>{__up_read+19} <ffffffff801376bf>{do_exit+149} <ffffffff80259662>{do_unblank_screen+45} <ffffffff8010f7bc>{default_do_nmi+0} <ffffffff8010ff63>{do_invalid_op+163}
<ffffffff80568753>{start_kernel+323} <ffffffff8056821d>{_sinittext+541}

I hope I have better luck with tomorrow's kernel... Willem Riede.

Nope. I'm having the same problem with 1553 today. (at least, sounds like the same, but I haven't
versified the details of the panic).

I'm back to 1549  on x86_64

Also, 155[23] fail on all i386 boxes  unless I start with selinux=0

I tried kernel versions from FC4 and they failed unless selinux=0 was passed to the kernel. I even went into runlevel 1 with selinux=0 and running fixfiles relabel. The halt that I get with selinux enabled is the ID"1" on tty1, ID "2" on tty2 .....tty6

Before relabeling, I got the lockup during detecting hardware when booting.



After upgrading two days ago, I cannot boot without selinux=0. The kernel stop after "Initializing hardware...". I get a *lot* of messages like "/etc/selinux/targeted/context/files/file_contexts: line 1729 has invalid context system_u:object_r:bin_t". Usually the line number changes, but there are other files and context. In fact there are so many messages I cannot scroll to the top to see what starts it.

It appears there is something wrong with the targeted context files, but nothing appears in the log so I cannot assertain the root cause of the context failure.

I tried relabeling with no success. I even wiped my disk, reinstalled FC4 and did a fresh upgrade to development. I see the exact same behavior. Is anyone else seeing this? If I've done something to screw up selinux how do I get it back?

This happened to me from 9/8/2005 when mentioned on this date. Russel looked at some of the avc errors that seemed to point to the below excerpt.
rc>It looks like the main problem is related to udev as the device nodes
rc>have the wrong labels.

He also mentioned booting with audit=1 to get more descriptive error messages. rc>Booting with "audit=1" in these situations is a good idea as it makes rc>the AVC messages much more informative.

I also did a fresh install of FC4, upgraded to the most recent updates, then trailed up to development. I did not experience the boot problem until I finally installed some "se*" packages via yum. A problem with a corrupted rpmdb put me into a loop and prevented me from being able to install packages related to ImageMagick. I was not able to update all my programs until after I ran rpm --rebuilddb which corrected the error related to ImageMagick. After all this was corrected, the system still would not boot successfully w/ selinux active. The system installs updates now, with no need to exclude programs for update.


