install of kernel-2.6.7-1.492: mkinitrd fails in strict/enforcing .......

Tom London selinux at comcast.net
Fri Jul 16 16:44:24 UTC 2004


'yum update' for the kernel-2.6.7-1.492 doesn't work
(strict/enforcing mode, selinux-policy-strict-1.15.5-2):

    kernel 100 % done 18/47
    /bin/bash: /root/.bashrc: Permission denied
    /lib/modules/2.6.7-1.492 is not a directory.
    mkinitrd failed
    /

[I checked, and no initrd-2.6.7-1.492.img in /boot]

I found this message in /var/log/messages:
    Jul 16 07:52:15 fedora kernel: audit(1089989535.207:0): avc:  
denied  { getattr } for  pid=3420 exe=/bin/bash 
path=/lib/modules/2.6.7-1.492 dev=hda2 ino=3671053 
scontext=root:sysadm_r:bootloader_t 
tcontext=system_u:object_r:modules_object_t tclass=dir

I set 'strict/permissive', did 'rpm -e kernel-2.6.7-1.492'
and did the 'yum update' again and got:
    Dependencies resolved
    I will do the following:
    [install: kernel 2.6.7-1.492.i686]
    Is this ok [y/N]: y
    Downloading Packages
    Running test transaction:
    WARNING: Multiple same specifications for /halt.
    WARNING: Multiple same specifications for /\.autofsck.
    Test transaction complete, Success!
    WARNING: Multiple same specifications for /halt.
    WARNING: Multiple same specifications for /\.autofsck.
    kernel 100 % done 1/1
    /
    Kernel Updated/Installed, checking for bootloader
    Grub found - making this kernel the default
    Installed:  kernel 2.6.7-1.492.i686
    Transaction(s) Complete

Something change?
   tom





More information about the selinux mailing list