SELinux prevented system from booting after file system crash

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

The root filesystem of one of our RHEL ES 4 servers crashed last week.
A colleague of mine was able to fix the filesystem but wasn't able to
reboot the machine.  Booting failed during initialization of SELinux,
more precisely after the line:
SELinux: initialized (dev usbfs, type usbfs), uses genfs_contexts

I was able to boot the machine by adding the selinux=0 grub kernel
option.  After this the machine booted fine and even a subsequent reboot
without disabling selinux works.

So it looks like whatever was broken was automatically fixed when the
machine booted succesfully for the first time.

However since I read that SELinux might prevent booting if one of the
relevant files is deleted I ran rpm -Va to check for missing/corrupt
files.

The output is filled with entries (4761 to be precise) with lines
indicating that the file could not be read:
.......?   /lib/i686

I'm running the check as root and I don't see any reason why this file
should be reported as being unreadable, unless the fact that there is no
security context shown is somehow interfering:
[root@syslogsrv log]# ll -d --lcontext /lib/i686
drwxr-xr-x  2                                  root root 4096 Sep  3
16:21 /lib/i686

But then again, rpm -Va doesn't complain about /etc/shadow while it too
doesn't show a security context:
[root@syslogsrv log]# grep shadow /tmp/rpmva
[root@syslogsrv log]# ll --lcontext /etc/shadow
-r


Mazda Motor Logistics Europe NV, Blaasveldstraat 162, B-2830 Willebroek
VAT BE 406.024.281, RPR Mechelen, ING  310-0092504-52, IBAN : BE64 3100 0925 0452, SWIFT : BBRUBEBB

--------  1                                  root root 1085 Oct 25
14:02 /etc/shadow
[root@syslogsrv log]# getenforce
Enforcing

Should I be worried about these entries?  And if so what can I do to fix
this?

Kind regards

Bram

-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

[Index of Archives]     [CentOS]     [Kernel Development]     [PAM]     [Fedora Users]     [Red Hat Development]     [Big List of Linux Books]     [Linux Admin]     [Gimp]     [Asterisk PBX]     [Yosemite News]     [Red Hat Crash Utility]


  Powered by Linux