Device nodes have no type when booting a 2.6.32.*.fc12 kernel
Stephen Smalley
sds at tycho.nsa.gov
Mon May 24 19:28:05 UTC 2010
On Mon, 2010-05-24 at 15:07 -0400, Stephen Smalley wrote:
> On Mon, 2010-05-24 at 11:54 -0700, Karl-Michael Schneider wrote:
> > I have fc12 installed on a Lenovo R61 laptop with two kernels:
> >
> > kernel-2.6.31.12-174.2.22.fc12.i686
> > kernel-2.6.32.12-115.fc12.i686
> >
> > The 2.6.31 kernel has no problem. But when I try to boot the 2.6.32
> > kernel it fails because SELinux is blocking access to device nodes. I
> > can only boot the 2.6.32 kernel in single user mode. The reason is
> > that /dev and all files in it have no type:
> >
> > $ ls -lZ /dev
> > crw-------. root root system_u:object_r:unlabeled_t:s0 agpgart
> <snip>
> > The filesystem is ext3 on LVM:
> >
> > $ cat /etc/fstab
> > /dev/VolGroup00/LogVol00 / ext3 defaults 1 1
> > ...
> >
> > The filesystem was created when I installed FC9. Later I upgraded to
> > FC12. But the problem only appeared when the kernel was updated from
> > 2.6.31 to 2.6.32. All 2.6.32 kernels so far had the same problem.
> >
> > I have already relabeled the filesystem, but it didn't help. I tried
> > restorecon -R -v /dev after booting the 2.6.32 kernel but it didn't do
> > anything.
>
> Sounds like the devtmpfs mount with a policy that doesn't know about it.
> dmesg | grep SELinux
> grep /dev /proc/mounts
I suspect your policy update didn't go cleanly and aborted during %post,
especially if you tried going all the way from F9 to F12. I'd suggest
doing:
mv /etc/selinux/targeted /etc/selinux/targeted.orig
yum reinstall selinux-policy-targeted
--
Stephen Smalley
National Security Agency
More information about the selinux
mailing list