latest dev pgks: strict/enforcing boot hangs....
Tom London
selinux at comcast.net
Thu Jul 29 15:37:57 UTC 2004
nope. Thats all I get. When I added an allow rule
to search /var/lock, I got another one for 'getattr'
(so I did the r_dir_perms).
But thats all.
Should I do an 'enableaudit'?
tom
> ------------------------------------------------------------------------
>
> * /From/: Daniel J Walsh <dwalsh redhat com>
>
> ------------------------------------------------------------------------
> Tom London wrote:
>
>After installing the latest packages from the development tree,
>(including selinux-policy-strict-1.15.8-3, etc.), booting with
>strict/enforcing hangs (but it works with strict/permissive).
>
>
>
> Do you have any additional messages from strict/permissive?
>
> Dan
>
>[Same behavior with both 494 and 499 kernel. And I did
>a 'fixfiles relabel' to no avail.]
>
>
> Here are the last entries from the log:
>
> Jul 28 20:30:45 fedora ntpd[2203]: kernel time sync status 0040
> Jul 28 20:30:45 fedora xinetd[2179]: xinetd Version 2.3.13 started
> with libwrap loadavg options compiled in.
> Jul 28 20:30:45 fedora xinetd[2179]: Started working: 1 available
> service
> Jul 28 20:30:45 fedora ntpd[2203]: frequency initialized 70.900
> PPM from /var/lib/ntp/drift
> Jul 28 20:30:45 fedora ntpd[2203]: configure: keyword
> "authenticate" unknown, line ignored
> Jul 28 20:30:45 fedora kernel: Installing knfsd (copyright (C)
> 1996 okir monad swb de).
> Jul 28 20:30:45 fedora kernel: SELinux: initialized (dev nfsd,
> type nfsd), uses genfs_contexts
> Jul 28 20:30:45 fedora nfs: Starting NFS services: succeeded
> Jul 28 20:30:45 fedora nfs: rpc.rquotad startup succeeded
> Jul 28 20:30:45 fedora nfs: rpc.nfsd startup succeeded
> Jul 28 20:30:45 fedora nfs: rpc.mountd startup succeeded
> Jul 28 20:30:45 fedora rpcidmapd: rpc.idmapd -SIGHUP succeeded
> Jul 28 20:30:50 fedora udev[2271]: creating device node '/dev/lp0'
> Jul 28 20:30:50 fedora kernel: audit(1091071850.411:0): avc:
> denied { search } for pid=2279 exe=/bin/bash name=lock dev=hda2
> ino=4456478 scontext=system_u:system_r:udev_t
> tcontext=system_u:object_r:var_lock_t tclass=dir
>
> HANGS HERE.... ALT-CTL-DEL
>
>Jul 28 20:31:15 fedora shutdown: shutting down for system reboot
>Jul 28 20:31:15 fedora init: Switching to runlevel: 6
>
>
>I thought that perhaps the udev message was indicating something, so I
>added
> allow udev_t var_lock_t:dir r_dir_perms;
>but this seems to be a red herring,
>all that did was to remove the avc..... still hangs.
>
>
>Any ideas?
> tom
>--
>fedora-selinux-list mailing list
>fedora-selinux-list redhat com
>http://www.redhat.com/mailman/listinfo/fedora-selinux-list
>
>
More information about the selinux
mailing list