FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora SELinux Support

 
 
LinkBack Thread Tools
 
Old 02-19-2010, 01:11 PM
"Maurizio D'Antonio"
 
Default Kernel panic after enabled SELINUXTYPE=strict

Hi all,
I have installed CentOS 5.4 on the VirtualBox for "play" with SELinux.
After installation, I enabled SELinux with policy in "target mode".
The system is booting without error.
I decided the enable SELINUXTYPE=strict mode, but at first reboot I receive

*the following message:


"
Red Hat nash version 5.1.19.6 starting
Unable to load SELinux Policy. Machine is in enforcing mode. Halting now.
Kernel panic - not syncing: Attempted to kill init!
"


The only solution is to disable SELinux at the boot.
[ kernel /vmlinuz-2.6.18-164.el5 ro root=LABEL=/ rhgb quiet selinux=0 ]



What is the problem?
Where I wrong?
Thx


.:M:.

--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux
 
Old 02-19-2010, 01:16 PM
Dominick Grift
 
Default Kernel panic after enabled SELINUXTYPE=strict

On 02/19/2010 03:11 PM, Maurizio D'Antonio wrote:
> Hi all,
> I have installed CentOS 5.4 on the VirtualBox for "play" with SELinux.
> After installation, I enabled SELinux with policy in "target mode".
> The system is booting without error.
> I decided the enable SELINUXTYPE=strict mode, but at first reboot I receive
> the following message:

Did you install selinux-policy-strict?

this procedure might work:

yum install selinux-policy-strict
edit /etc/selinux/config SELINUXTYPE=strict
touch /.autorelabel && reboot
when it boots go to grub menu and append: 3 enforcing=0

This will load in runlevel3 with selinux in permissive mode to ensure
that it can relavel the file system.

> "
> Red Hat nash version 5.1.19.6 starting
> Unable to load SELinux Policy. Machine is in enforcing mode. Halting now.
> Kernel panic - not syncing: Attempted to kill init!
> "
>
> The only solution is to disable SELinux at the boot.
> [ kernel /vmlinuz-2.6.18-164.el5 ro root=LABEL=/ rhgb quiet selinux=0 ]
>
>
> What is the problem?
> Where I wrong?
> Thx
>
> .:M:.
>
>
>
>
> --
> selinux mailing list
> selinux@lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux


--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux
 
Old 02-19-2010, 01:54 PM
"Maurizio D'Antonio"
 
Default Kernel panic after enabled SELINUXTYPE=strict

mmm. You're right.
# rpm -qa*| grep -i selinux-policy
selinux-policy-2.4.6-255.el5
selinux-policy-targeted-2.4.6-255.el
*
But, what is this selinux-policy-2.4.6-255.el5 package?
*
Thx 1K

*
2010/2/19 Dominick Grift <domg472@gmail.com>


On 02/19/2010 03:11 PM, Maurizio D'Antonio wrote:
> Hi all,
> I have installed CentOS 5.4 on the VirtualBox for "play" with SELinux.
> After installation, I enabled SELinux with policy in "target mode".

> The system is booting without error.
> I decided the enable SELINUXTYPE=strict mode, but at first reboot I receive
> *the following message:

Did you install selinux-policy-strict?

this procedure might work:


yum install selinux-policy-strict
edit /etc/selinux/config SELINUXTYPE=strict
touch /.autorelabel && reboot
when it boots go to grub menu and append: 3 enforcing=0

This will load in runlevel3 with selinux in permissive mode to ensure

that it can relavel the file system.


> "
> Red Hat nash version 5.1.19.6 starting
> Unable to load SELinux Policy. Machine is in enforcing mode. Halting now.
> Kernel panic - not syncing: Attempted to kill init!

> "
>
> The only solution is to disable SELinux at the boot.
> [ kernel /vmlinuz-2.6.18-164.el5 ro root=LABEL=/ rhgb quiet selinux=0 ]
>
>
> What is the problem?
> Where I wrong?

> Thx
>
> .:M:.
>
>
>
>
> --
> selinux mailing list
> selinux@lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux




--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux



--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux
 
Old 02-19-2010, 01:55 PM
Dominick Grift
 
Default Kernel panic after enabled SELINUXTYPE=strict

On 02/19/2010 03:54 PM, Maurizio D'Antonio wrote:
> mmm. You're right.
> # rpm -qa | grep -i selinux-policy
> selinux-policy-2.4.6-255.el5
> selinux-policy-targeted-2.4.6-255.el
>
> But, what is this selinux-policy-2.4.6-255.el5 package?

It has SELinux policy that is not specific to any policy model i imagine.

> Thx 1K
>
>
> 2010/2/19 Dominick Grift <domg472@gmail.com>
>
>> On 02/19/2010 03:11 PM, Maurizio D'Antonio wrote:
>>> Hi all,
>>> I have installed CentOS 5.4 on the VirtualBox for "play" with SELinux.
>>> After installation, I enabled SELinux with policy in "target mode".
>>> The system is booting without error.
>>> I decided the enable SELINUXTYPE=strict mode, but at first reboot I
>> receive
>>> the following message:
>>
>> Did you install selinux-policy-strict?
>>
>> this procedure might work:
>>
>> yum install selinux-policy-strict
>> edit /etc/selinux/config SELINUXTYPE=strict
>> touch /.autorelabel && reboot
>> when it boots go to grub menu and append: 3 enforcing=0
>>
>> This will load in runlevel3 with selinux in permissive mode to ensure
>> that it can relavel the file system.
>>
>>> "
>>> Red Hat nash version 5.1.19.6 starting
>>> Unable to load SELinux Policy. Machine is in enforcing mode. Halting now.
>>> Kernel panic - not syncing: Attempted to kill init!
>>> "
>>>
>>> The only solution is to disable SELinux at the boot.
>>> [ kernel /vmlinuz-2.6.18-164.el5 ro root=LABEL=/ rhgb quiet selinux=0 ]
>>>
>>>
>>> What is the problem?
>>> Where I wrong?
>>> Thx
>>>
>>> .:M:.
>>>
>>>
>>>
>>>
>>> --
>>> selinux mailing list
>>> selinux@lists.fedoraproject.org
>>> https://admin.fedoraproject.org/mailman/listinfo/selinux
>>
>>
>>
>> --
>> selinux mailing list
>> selinux@lists.fedoraproject.org
>> https://admin.fedoraproject.org/mailman/listinfo/selinux
>>
>
>
>
> --
> selinux mailing list
> selinux@lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux


--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux
 
Old 02-20-2010, 11:16 AM
Daniel J Walsh
 
Default Kernel panic after enabled SELINUXTYPE=strict

On 02/19/2010 09:11 AM, Maurizio D'Antonio wrote:


Hi all,

I have installed CentOS 5.4 on the VirtualBox for "play" with SELinux.

After installation, I enabled SELinux with policy in "target mode".

The system is booting without error.

I decided the enable SELINUXTYPE=strict mode, but at first reboot I
receive

*the following message:


"

Red Hat nash version 5.1.19.6 starting

Unable to load SELinux Policy. Machine is in enforcing mode. Halting
now.

Kernel panic - not syncing: Attempted to kill init!

"


The only solution is to disable SELinux at the boot.

[ kernel /vmlinuz-2.6.18-164.el5 ro root=LABEL=/ rhgb quiet selinux=0 ]




What is the problem?

Where I wrong?

Thx


.:M:.



--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux

The first time you boot permissive in RHEL5/Centos5 Strict policy, you
have to boot in permissive mode and perform a relabel.* Since all the
labeling is not correct, specifically shared libraries, init is not
allowed access and panics.



enforcing=0 autorelabel



on the kernel command line will make this happen.



--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux
 

Thread Tools




All times are GMT. The time now is 06:39 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org