[SOLVED] SElinux >>changed Targeted to Strict. All kernels now Panic on boot.
Posted: 2011/12/23 08:26:44
Similar to musikbyg's topic_id=34078&forum=42
Using dif. HD to post, so will try those tips then check back here tomorrow.
AMD K7
CentOS 5.7
Four recent kernels, incl. PAE, installed from v5.7 CD-1 (October)
Was a fresh install using full-disk encryption.
Has been working great, even with SElinux set to enforcing.
PROBLEM kicked-in immediately after going to SElinux Admin (gui) Cont'l Panel and changing policy from "Targeted to Strict"
I also unchecked two boxes which were noted as dangerous permissions. Can't recall these items.
Rebooted immediately after saving changes, as directed. Entered my crypt pass and boot proceeded as normal.
In ~15 seconds, kernel panic. Details below. Tried all four Kernels, with and w/o PAE. Same panic msg.
Edited GRUB (legacy) for single-mode and "linux rescue" . No change.
Term message below:
type=1404 enforcing=1 old_enforcing=0 audit...etc
type=1403 audit... policy loaded
type=1400 audit... avc:denied (execute) for pid=1 comm=init path... /sbin/init:error while loading
shared libraries: libsepol.so.1:
Failed to map segment from shared object: Permission denied
Kernel Panic -not synching: attempted to kill init
Using dif. HD to post, so will try those tips then check back here tomorrow.
AMD K7
CentOS 5.7
Four recent kernels, incl. PAE, installed from v5.7 CD-1 (October)
Was a fresh install using full-disk encryption.
Has been working great, even with SElinux set to enforcing.
PROBLEM kicked-in immediately after going to SElinux Admin (gui) Cont'l Panel and changing policy from "Targeted to Strict"
I also unchecked two boxes which were noted as dangerous permissions. Can't recall these items.
Rebooted immediately after saving changes, as directed. Entered my crypt pass and boot proceeded as normal.
In ~15 seconds, kernel panic. Details below. Tried all four Kernels, with and w/o PAE. Same panic msg.
Edited GRUB (legacy) for single-mode and "linux rescue" . No change.
Term message below:
type=1404 enforcing=1 old_enforcing=0 audit...etc
type=1403 audit... policy loaded
type=1400 audit... avc:denied (execute) for pid=1 comm=init path... /sbin/init:error while loading
shared libraries: libsepol.so.1:
Failed to map segment from shared object: Permission denied
Kernel Panic -not synching: attempted to kill init