I've been banging my head on this one all weekend after setting up corosync on Fedora for some testing. Corosync would fail to start some of the time, peg 1 cpu, and need to be killed with a SIGKILL. For a while I had presumed that this was a problem on the corosync side, but it's actually an upstream bug in Fedora as far as I can tell. It does not appear to respect the SELINUX=xxx configuration directive. These systems were built with the minimal install profile, so it is possible that I'm missing an init.d script somewhere as well but there should not be a selinux config file if that is the case.
See below setting SELINUX to either permissive or disabled results in no change to the selinux state after a fresh boot. My workaround is placing corosync and pacemaker startup in rc.local after a call to setenforce 0. Cheers, Eric Warnke Research IT Group SUNY at Albany Boot 1: [root@tiny ~]# uptime 08:30:43 up 0 min, 1 user, load average: 0.15, 0.06, 0.02 [root@tiny ~]# getenforce Enforcing [root@tiny ~]# more /etc/sysconfig/selinux # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=permissive # SELINUXTYPE= can take one of these two values: # targeted - Targeted processes are protected, # mls - Multi Level Security protection. SELINUXTYPE=targeted Boot 2: [root@tiny ~]# uptime 08:33:01 up 0 min, 1 user, load average: 0.30, 0.06, 0.02 [root@tiny ~]# getenforce Enforcing [root@tiny ~]# cat /etc/sysconfig/selinux # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=disabled # SELINUXTYPE= can take one of these two values: # targeted - Targeted processes are protected, # mls - Multi Level Security protection. SELINUXTYPE=targeted After a call to setenforce 0 [root@tiny ~]# getenforce Permissive _______________________________________________ Linux-HA mailing list [email protected] http://lists.linux-ha.org/mailman/listinfo/linux-ha See also: http://linux-ha.org/ReportingProblems
