Your message dated Mon, 28 Sep 2015 15:21:12 +0200
with message-id <[email protected]>
and subject line Re: selinux: segfault in boot
has caused the Debian Bug report #645916,
regarding selinux: segfault in boot
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
645916: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=645916
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: selinux-basics
Version: 0.3.8
Severity: normal
When I setup SELINUX=permissive in /etc/selinux/config, the
computer fails to boot correctly (cannot start X11, but the console is
ok).
The following entries are written in kern.log
The interesting one is « 119 Oct 19 17:30:33 portable kernel: [13.724544]
mount[371]: segfault at 120 20f4000 ip 00007fb1e8fbbb20 sp 00007fff52ae4998
error 6 in 121 libc-2.13.so[7fb1e8f41000+17a000] »
If I setup SELINUX=permissive in /etc/selinux/config, the
computer works fine.
So it looks like I can install SELinux, but not use it.
___
…
Oct 19 17:30:33 portable kernel: [ 13.130469] SELinux: 2048 avtab
hash slots, 37945 rules.
Oct 19 17:30:33 portable kernel: [ 13.141483] SELinux: 2048 avtab hash
slots, 37945 rules.
Oct 19 17:30:33 portable kernel: [ 13.143325] SELinux: 6 users, 6
roles, 1464 types, 69 bools, 1 sens, 1024 cats
Oct 19 17:30:33 portable kernel: [ 13.143328] SELinux: 77 classes,
37945 rules
Oct 19 17:30:33 portable kernel: [ 13.145131] SELinux: Permission
read_policy in class security not defined in policy.
Oct 19 17:30:33 portable kernel: [ 13.145156] SELinux: Permission
audit_access in class file not defined in policy.
Oct 19 17:30:33 portable kernel: [ 13.145163] SELinux: Permission
audit_access in class dir not defined in policy.
Oct 19 17:30:33 portable kernel: [ 13.145166] SELinux: Permission
execmod in class dir not defined in policy.
Oct 19 17:30:33 portable kernel: [ 13.145172] SELinux: Permission
audit_access in class lnk_file not defined in policy.
Oct 19 17:30:33 portable kernel: [ 13.145175] SELinux: Permission
open in class lnk_file not defined in policy.
Oct 19 17:30:33 portable kernel: [ 13.145177] SELinux: Permission
execmod in class lnk_file not defined in policy.
Oct 19 17:30:33 portable kernel: [ 13.145183] SELinux: Permission
audit_access in class chr_file not defined in policy.
Oct 19 17:30:33 portable kernel: [ 13.145188] SELinux: Permission
audit_access in class blk_file not defined in policy.
Oct 19 17:30:33 portable kernel: [ 13.145191] SELinux: Permission
execmod in class blk_file not defined in policy.
Oct 19 17:30:33 portable kernel: [ 13.145196] SELinux: Permission
audit_access in class sock_file not defined in policy.
Oct 19 17:30:33 portable kernel: [ 13.145199] SELinux: Permission
execmod in class sock_file not defined in policy.
Oct 19 17:30:33 portable kernel: [ 13.145204] SELinux: Permission
audit_access in class fifo_file not defined in policy.
Oct 19 17:30:33 portable kernel: [ 13.145207] SELinux: Permission
execmod in class fifo_file not defined in policy.
Oct 19 17:30:33 portable kernel: [ 13.145306] SELinux: Permission
syslog in class capability2 not defined in policy.
Oct 19 17:30:33 portable kernel: [ 13.145313] SELinux: the above
unknown classes and permissions will be denied
Oct 19 17:30:33 portable kernel: [ 13.145321] SELinux: Completing
initialization.
Oct 19 17:30:33 portable kernel: [ 13.145323] SELinux: Setting up
existing superblocks.
Oct 19 17:30:33 portable kernel: [ 13.145331] SELinux: initialized
(dev sysfs, type sysfs), uses genfs_contexts
Oct 19 17:30:33 portable kernel: [ 13.145338] SELinux: initialized
(dev rootfs, type rootfs), uses genfs_contexts
Oct 19 17:30:33 portable kernel: [ 13.145344] SELinux: initialized
(dev bdev, type bdev), uses genfs_contexts
Oct 19 17:30:33 portable kernel: [ 13.145350] SELinux: initialized
(dev proc, type proc), uses genfs_contexts
Oct 19 17:30:33 portable kernel: [ 13.145363] SELinux: initialized
(dev tmpfs, type tmpfs), uses transition SIDs
Oct 19 17:30:33 portable kernel: [ 13.145370] SELinux: initialized
(dev devtmpfs, type devtmpfs), uses transition SIDs
Oct 19 17:30:33 portable kernel: [ 13.145708] SELinux: initialized
(dev debugfs, type debugfs), uses genfs_contexts
Oct 19 17:30:33 portable kernel: [ 13.146252] SELinux: initialized
(dev sockfs, type sockfs), uses task SIDs
Oct 19 17:30:33 portable kernel: [ 13.146256] SELinux: initialized
(dev pipefs, type pipefs), uses task SIDs
Oct 19 17:30:33 portable kernel: [ 13.146261] SELinux: initialized
(dev anon_inodefs, type anon_inodefs), uses genfs_contexts
Oct 19 17:30:33 portable kernel: [ 13.146266] SELinux: initialized
(dev devpts, type devpts), uses transition SIDs
Oct 19 17:30:33 portable kernel: [ 13.146275] SELinux: initialized
(dev hugetlbfs, type hugetlbfs), uses transition SIDs
Oct 19 17:30:33 portable kernel: [ 13.146281] SELinux: initialized
(dev mqueue, type mqueue), uses transition SIDs
Oct 19 17:30:33 portable kernel: [ 13.146286] SELinux: initialized
(dev selinuxfs, type selinuxfs), uses genfs_contexts
Oct 19 17:30:33 portable kernel: [ 13.146312] SELinux: initialized
(dev sysfs, type sysfs), uses genfs_contexts
Oct 19 17:30:33 portable kernel: [ 13.147011] SELinux: initialized
(dev tmpfs, type tmpfs), uses transition SIDs
Oct 19 17:30:33 portable kernel: [ 13.147244] SELinux: initialized
(dev usbfs, type usbfs), uses genfs_contexts
Oct 19 17:30:33 portable kernel: [ 13.147263] SELinux: initialized
(dev dm-1, type ext4), uses xattr
Oct 19 17:30:33 portable kernel: [ 13.154059] type=1403
audit(1319038221.846:2): policy loaded auid=4294967295 ses=4294967295
Oct 19 17:30:33 portable kernel: [ 13.242243] type=1400
audit(1319038221.934:3): avc: denied { read write } for pid=356
comm="sh" name="console" dev=devtmpfs ino=896
scontext=system_u:system_r:sysadm_t:s0
tcontext=system_u:object_r:device_t:s0 tclass=chr_file
Oct 19 17:30:33 portable kernel: [ 13.462096] type=1400
audit(1319038222.154:4): avc: denied { ioctl } for pid=361
comm="stty" path="/dev/console" dev=devtmpfs ino=896
scontext=system_u:system_r:sysadm_t:s0
tcontext=system_u:object_r:device_t:s0 tclass=chr_file
Oct 19 17:30:33 portable kernel: [ 13.503104] type=1400
audit(1319038222.198:5): avc: denied { open } for pid=360 comm="rc"
name="null" dev=devtmpfs ino=888 scontext=system_u:system_r:sysadm_t:s0
tcontext=system_u:object_r:device_t:s0 tclass=chr_file
Oct 19 17:30:33 portable kernel: [ 13.677109] type=1400
audit(1319038222.370:6): avc: denied { read } for pid=370
comm="mountpoint" path="pipe:[1783]" dev=pipefs ino=1783
scontext=system_u:system_r:mount_t:s0
tcontext=system_u:system_r:init_t:s0 tclass=fifo_file
Oct 19 17:30:33 portable kernel: [ 13.724240] type=1400
audit(1319038222.418:7): avc: denied { read } for pid=371
comm="mount" name="run" dev=dm-1 ino=786435
scontext=system_u:system_r:mount_t:s0
tcontext=system_u:object_r:var_t:s0 tclass=lnk_file
Oct 19 17:30:33 portable kernel: [ 13.724544] mount[371]: segfault at
20f4000 ip 00007fb1e8fbbb20 sp 00007fff52ae4998 error 6 in
libc-2.13.so[7fb1e8f41000+17a000]
Oct 19 17:30:33 portable kernel: [ 13.744483] type=1400
audit(1319038222.438:8): avc: denied { read } for pid=372
comm="restorecon" path="pipe:[1783]" dev=pipefs ino=1783
scontext=system_u:system_r:setfiles_t:s0
tcontext=system_u:system_r:init_t:s0 tclass=fifo_file
Oct 19 17:30:33 portable kernel: [ 13.851365] type=1400
audit(1319038222.542:9): avc: denied { read } for pid=375
comm="restorecon" name="run" dev=dm-1 ino=786435
scontext=system_u:system_r:setfiles_t:s0
tcontext=system_u:object_r:var_t:s0 tclass=lnk_file
Oct 19 17:30:33 portable kernel: [ 13.903820] type=1400
audit(1319038222.594:10): avc: denied { write } for pid=383
comm="mount" name="/" dev=tmpfs ino=1050
scontext=system_u:system_r:mount_t:s0
tcontext=system_u:object_r:var_run_t:s0 tclass=dir
Oct 19 17:30:33 portable kernel: [ 13.903940] SELinux: initialized
(dev tmpfs, type tmpfs), uses transition SIDs
…
___
-- System Information:
Debian Release: wheezy/sid
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 3.0.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) (ignored: LC_ALL
set to fr_FR.UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages selinux-basics depends on:
ii checkpolicy 2.1.0-1
ii policycoreutils 2.0.82-5
ii python 2.7.2-8
ii selinux-utils 2.1.0-1
Versions of packages selinux-basics recommends:
pn selinux-policy-default 2:0.2.20100524-12
pn setools <none>
Versions of packages selinux-basics suggests:
pn logcheck <none>
pn syslog-summary <none>
-- no debconf information
--- End Message ---
--- Begin Message ---
Hi,
On Wed, 19 Oct 2011 18:14:09 +0200 Damien CLAUZEL
<[email protected]> wrote:
> When I setup SELINUX=permissive in /etc/selinux/config, the
> computer fails to boot correctly (cannot start X11, but the console is
> ok).
>
> The following entries are written in kern.log
> The interesting one is « 119 Oct 19 17:30:33 portable kernel:
[13.724544] mount[371]: segfault at 120 20f4000 ip 00007fb1e8fbbb20 sp
00007fff52ae4998 error 6 in 121 libc-2.13.so[7fb1e8f41000+17a000] »
>
> If I setup SELINUX=permissive in /etc/selinux/config, the
> computer works fine.
>
> So it looks like I can install SELinux, but not use it.
[...]
> Versions of packages selinux-basics recommends:
> pn selinux-policy-default 2:0.2.20100524-12
I'm closing this bug, looking at the errores and the line above, it
seems that you have some kind of issue with the policy (doesn't look
properly installed).
Cheers,
Laurent Bigonville
--- End Message ---
_______________________________________________
SELinux-devel mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/selinux-devel
