From: Ben Stringer <ben@xxxxxxxxxxx>
Subject: Re: [FC3] kernel panic after selinux-policy-targeted update
On Tue, 2005-06-28 at 17:15 +1000, Russell Coker wrote:
Until I get more detail on this (type of CPU, kernel version, etc)
I'll conclude that it was a broken configuration.
Hi Russell,
I got hit by this one. Some details:
Dell Inspiron 8600 laptop, Centrino 1.6Ghz, running
2.6.11-1.27_FC3. An "everything" installation of FC3, kept
updated from fedora-updates and livna. Using the 2100
wireless NIC at the time.
I did an update this afternoon, which included the selinux
policy update and the latest kernel (kernel-2.6.11-1.35_FC3).
During the yum update, things started breaking as the update
applied the new policies (eg. I couldn't use ssh from the
laptop to other hosts).
When I tried to shutdown, I got many messages like this:
Jun 28 18:56:00 ben8600 kernel: audit(1119948960.209:0): avc:
denied { execmod } for pid=13420 comm=mingetty
path=/lib/tls/libc-2.3.5.so
dev=hda11 ino=20455 scontext=user_u:system_r:unconfined_t
tcontext=system_u:object_r:lib_t tclass=file
My only option was to power off the laptop. I then had to
boot with enforcing=0 (and a considerable amount of fscking)
to get back up.
If there is any other information I can give you to help
reproduce this, let me know.
Cheers, Ben
Similar results here:
Dell Latitude D600 Pentium 4M 1.4GHz
kernel 2.6.11-1.35_FC3 and all fedora-updates updates (no other repos)
Using a Broadcom 4306 (Dell TrueMobile 1450) wireless card
I too saw the avc errors (possibly others that I did not see). I did not
have the kernel panic, and while I got more errors on reboot, none
caused the system to lock up. Booting with enforcing=0 stopped the errors.
Executing
su -
rpm -ev selinux-policy-targeted selinux-policy-targeted-sources
rm -fR /etc/selinux/targeted/
yum install selinux-policy-targeted-1.17.30-3.9.noarch
selinux-policy-targeted-sources-1.17.30-3.9.noarch
touch /.autorelabel
and a reboot cleared all the errors. Let me know if more information can
help.
Erik
