latest dev pgks: strict/enforcing boot hangs....

Tom London selinux at comcast.net
Thu Jul 29 14:53:49 UTC 2004


After installing the latest packages from the development tree,
(including selinux-policy-strict-1.15.8-3, etc.), booting with
strict/enforcing hangs (but it works with strict/permissive).

[Same behavior with both 494 and 499 kernel. And I did
a 'fixfiles relabel' to no avail.]

Here are the last entries from the log:

Jul 28 20:30:45 fedora ntpd[2203]: kernel time sync status 0040
Jul 28 20:30:45 fedora xinetd[2179]: xinetd Version 2.3.13 started with 
libwrap loadavg options compiled in.
Jul 28 20:30:45 fedora xinetd[2179]: Started working: 1 available service
Jul 28 20:30:45 fedora ntpd[2203]: frequency initialized 70.900 PPM from 
/var/lib/ntp/drift
Jul 28 20:30:45 fedora ntpd[2203]: configure: keyword "authenticate" 
unknown, line ignored
Jul 28 20:30:45 fedora kernel: Installing knfsd (copyright (C) 1996 
okir at monad.swb.de).
Jul 28 20:30:45 fedora kernel: SELinux: initialized (dev nfsd, type 
nfsd), uses genfs_contexts
Jul 28 20:30:45 fedora nfs: Starting NFS services:  succeeded
Jul 28 20:30:45 fedora nfs: rpc.rquotad startup succeeded
Jul 28 20:30:45 fedora nfs: rpc.nfsd startup succeeded
Jul 28 20:30:45 fedora nfs: rpc.mountd startup succeeded
Jul 28 20:30:45 fedora rpcidmapd: rpc.idmapd -SIGHUP succeeded
Jul 28 20:30:50 fedora udev[2271]: creating device node '/dev/lp0'
Jul 28 20:30:50 fedora kernel: audit(1091071850.411:0): avc:  denied  { 
search } for  pid=2279 exe=/bin/bash name=lock dev=hda2 ino=4456478 
scontext=system_u:system_r:udev_t tcontext=system_u:object_r:var_lock_t 
tclass=dir

HANGS HERE.... ALT-CTL-DEL

Jul 28 20:31:15 fedora shutdown: shutting down for system reboot
Jul 28 20:31:15 fedora init: Switching to runlevel: 6

I thought that perhaps the udev message was indicating something, so I
added
    allow udev_t var_lock_t:dir r_dir_perms;
but this seems to be a red herring,
all that did was to remove the avc..... still hangs.

Any ideas?
   tom



More information about the selinux mailing list