On Sun, 22 Aug 2004 00:08, Steve G linux_4ever@yahoo.com wrote:
Mounting local filesystem Can't open RNG file /dev/hw_random no such file or directory enable swap...
I haven't seen this before. I traced the message string to /sbin/rngd. Is this error something that we should worry about? Something wanted a random number and it ain't gonna get it.
rngd copies data from the hardware random number source to /dev/random (the kernel random number source). Without it /dev/random gets populated by key-press intervals, network interrupt times, and other events which may not be sufficiently random or common.
It seems that rngd expects /dev/hwrandom while udev with the FC3T1 kernel creates /dev/hw_random. I haven't checked the latest kernel to see whether this has changed.
Aug 21 09:00:13 buildhost kernel: SELinux: Initializing.
Aug 21 09:00:13 buildhost kernel: SELinux: Starting in permissive mode
Aug 21 09:00:13 buildhost kernel: There is already a security framework initialized, register_security failed.
Aug 21 09:00:13 buildhost kernel: selinux_register_security: Registering secondary module capability
Aug 21 09:00:13 buildhost kernel: Capability LSM initialized as secondary
OK, why did selinux fail registering?
Bogus error message. SE Linux needs the capability module for full functionality but you get an error when both are loaded. Things work fine anyway.
Aug 21 09:00:16 buildhost kernel: security: 3 users, 4 roles, 251 types, 12 bools
Aug 21 09:00:16 buildhost kernel: security: 53 classes, 3895 rules
Aug 21 09:00:16 buildhost kernel: SELinux: Completing initialization.
SE Linux is just now finishing its init? Why have other daemons and SE Linux applications been running? Is there a synchronization barrier that
I believe that hotplug is spawned by kernel threads and can start before init. The policy is loaded and SE Linux init is complete before init starts running with full functionality (i.e. before rc.sysinit is run).
stops any SE Linux aware application from running until the whole rule set is finished loading? Is there a window of opportunity that a malicious application could run before SE Linux has done its thing? Like maybe disable SE Linux?
No. The machine is a long way from multi-user mode at that stage.
Aug 21 09:00:16 buildhost kernel: Adding 2096440k swap on /dev/sda5. Priority:-1 extents:1
Aug 21 09:00:16 buildhost kernel: audit(1093093168.059:0): avc: denied { mounton } for pid=1117 exe=/bin/mount path=/proc/sys/fs/binfmt_misc dev=proc ino=-268435430 scontext=user_u:system_r:unconfined_t tcontext=system_u:object_r:sysctl_t tclass=dir
Aug 21 09:00:16 buildhost kernel: audit(1093093168.059:0): avc: denied { mounton } for pid=1117 exe=/bin/mount path=/proc/sys/fs/binfmt_misc dev=proc ino=-268435430 scontext=user_u:system_r:unconfined_t tcontext=system_u:object_r:sysctl_t tclass=dir
Yep, SE Linux is now active, starting to see avc's.
What script is calling this mount? It's a bug in policy but I'd like to get more info before making changes.
Aug 21 09:00:18 buildhost crond: crond startup succeeded
Aug 21 09:00:18 buildhost anacron: anacron startup succeeded
Aug 21 09:00:19 buildhost messagebus: messagebus startup succeeded
Aug 21 09:00:19 buildhost haldaemon: haldaemon startup succeeded
OK, way down here at the very end haldaemon is active. Isn't this way late?
I was under the impression that kudzu requires hal. If that means it needs haldaemon to be active then you are correct and it is too late.
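
A small triage helper for denials like the binfmt_misc one quoted above, added here as an example and not part of the original message or of any SELinux tool: it parses kernel `avc:` lines and groups repeated denials by source type, target type, class, permission, executable and path. The function names are hypothetical and the sample log is constructed from the lines in the message.

```python
import re
from collections import Counter

# Constructed sample: the swap line and the two identical denials from the message.
SAMPLE_LOG = """\
Aug 21 09:00:16 buildhost kernel: Adding 2096440k swap on /dev/sda5. Priority:-1 extents:1
Aug 21 09:00:16 buildhost kernel: audit(1093093168.059:0): avc: denied { mounton } for pid=1117 exe=/bin/mount path=/proc/sys/fs/binfmt_misc dev=proc ino=-268435430 scontext=user_u:system_r:unconfined_t tcontext=system_u:object_r:sysctl_t tclass=dir
Aug 21 09:00:16 buildhost kernel: audit(1093093168.059:0): avc: denied { mounton } for pid=1117 exe=/bin/mount path=/proc/sys/fs/binfmt_misc dev=proc ino=-268435430 scontext=user_u:system_r:unconfined_t tcontext=system_u:object_r:sysctl_t tclass=dir
"""

AVC_RE = re.compile(r"avc:\s+(granted|denied)\s+\{([^}]*)\}\s+for\s+(.*)$")

def _type(context):
    """Return the type field of a user:role:type context, or None if malformed."""
    parts = context.split(":")
    return parts[2] if len(parts) >= 3 else None

def parse_avc(line):
    """Parse one syslog line; return a dict for AVC messages, None otherwise."""
    m = AVC_RE.search(line)
    if not m:
        return None
    # Whitespace-separated key=value pairs (paths containing spaces are not handled).
    fields = dict(kv.split("=", 1) for kv in m.group(3).split() if "=" in kv)
    return {
        "result": m.group(1),
        "perms": tuple(m.group(2).split()),
        "exe": fields.get("exe"),
        "path": fields.get("path"),
        "source_type": _type(fields.get("scontext", "")),
        "target_type": _type(fields.get("tcontext", "")),
        "tclass": fields.get("tclass"),
    }

def summarize(log_text):
    """Group denials; return [((source, target, class, perms, exe, path), count)]."""
    counts = Counter()
    for line in log_text.splitlines():
        rec = parse_avc(line)
        if rec and rec["result"] == "denied":
            counts[(rec["source_type"], rec["target_type"], rec["tclass"],
                    rec["perms"], rec["exe"], rec["path"])] += 1
    return counts.most_common()

if __name__ == "__main__":
    for key, n in summarize(SAMPLE_LOG):
        print(n, key)
```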