selinux and 2.6.31-33.fc12.x86_64

Gene Czarcinski gene at czarc.net
Tue Sep 22 17:47:12 UTC 2009 

On Tuesday 22 September 2009 08:51:15 Daniel J Walsh wrote:
> On 09/21/2009 05:15 PM, J M wrote:
> > When I boot into 2.6.31-33.fc12.x86_64 and type getenforce it returns
> > Disabled. Booting into a previous kernel getenforce yields Enforcing as
> > I had expected.
> >
> > During boot up I also caught a message:
> > dracut: SELinux: Could not load policy file
> > /etc/selinux/targeted/policy/policy.24: Invalid argument
> >
> > I've seen this on multiple systems, and am wondering if others have seen
> > it.
> >
> >
> >
> >
> > _________________________________________________________________
> > Lauren found her dream laptop. Find the PC that’s right for you.
> > http://www.microsoft.com/windows/choosepc/?ocid=ftp_val_wl_290
> 
> It might be something to do with dracut not working correctly.
> 
> 
> Do you see anything about a failure in /var/log/messages or
>  /var/log/audit/audit.log?
> 
> # rpm -q policycoreutils libsemanage
> policycoreutils-2.0.74-2.fc12.x86_64
> libsemanage-2.0.38-1.fc12.x86_64
> 
> You could try to rebuild the initrd of dracut.  I have just noticed that I
>  am running the previous kernel so I will attempt to reboot with that
>  kernel when I get a chance.
> 

There is definitely something wrong which involves the "latest" kernel.

I have installed and running:

[gc at hawk ~]$ rpm -q policycoreutils libsemanage
policycoreutils-2.0.74-2.fc12.x86_64
libsemanage-2.0.38-2.fc12.x86_64
[gc at hawk ~]$ rpm -q selinux-policy selinux-policy-targeted
selinux-policy-3.6.32-7.fc12.noarch
selinux-policy-targeted-3.6.32-7.fc12.noarch
[gc at hawk ~]$ rpm -q kernel
kernel-2.6.31-2.fc12.x86_64
kernel-2.6.31-14.fc12.x86_64
kernel-2.6.31-23.fc12.x86_64
kernel-2.6.31-33.fc12.x86_64

After booting kernel-2.6.31-33.fc12.x86_64, selinux is disabled.

Rebooting with kernel-2.6.31-23.fc12.x86_64 the system is "re-labeled"  and 
selinux is Enforcing.

I have installed:

[gc at hawk ~]$ rpm -qa dracut*
dracut-kernel-002-2.gitc53acc30.fc12.noarch
dracut-002-2.gitc53acc30.fc12.noarch

but an update for dracut is available.  I will update to that version and then 
remove/re-install kernel-2.6.31-33.fc12.x86_64 to see if that will make a 
difference.

Gene

More information about the fedora-test-list mailing list