Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

[SOLVED] Cant boot if selinux=enforcing
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Other Things Gentoo
View previous topic :: View next topic  
Author Message
vcmota
Guru
Guru


Joined: 19 Jun 2017
Posts: 367
PostPosted: Wed Dec 06, 2017 4:36 pm    Post subject: [SOLVED] Cant boot if selinux=enforcing Reply with quote
I both installed and configured selinux in my new install following the hadbook. Everything seems to be working fine in permissive mode, I can see the proper context as well as modify users roles. However, when I set SELINUX=enforcing in the /etc/selinux/config file and reboot I just cant enter the system: grub starts properly, finds the system and I successfully manage to unlock my encrypted disk (my install has full disk encryption). Then OpenRC starts and just after that everything starts to fail. I get something like:

Code:

* /proc is already mounted
* Mounting /run...
/lib64/rc/sh/init.sh: line 103:/run/openrc/softlevel: Not a directory
mkdir '/run/openrc/starting': Not a directory
mkdir '/run/openrc/started': Not a directory
mkdir '/run/openrc/stopping': Not a directory
mkdir '/run/openrc/inactive': Not a directory
mkdir '/run/openrc/wasinactive': Not a directory
mkdir '/run/openrc/failed': Not a directory
mkdir '/run/openrc/hotpluged': Not a directory
mkdir '/run/openrc/daemons': Not a directory
mkdir '/run/openrc/options': Not a directory
mkdir '/run/openrc/exclusive': Not a directory
mkdir '/run/openrc/scheduled': Not a directory
mkdir '/run/openrc/tmp': Not a directory
*Caching service dependencies...
fopen '/run/openrc/deptree': Not a directory
fopen '/run/openrc/depconfig': Not a directory
* Failed to update the dependence tree
* failed to load deptree
mkdir '/run/openrc/starting': Not a directory
mkdir '/run/openrc/started': Not a directory
mkdir '/run/openrc/stopping': Not a directory
mkdir '/run/openrc/inactive': Not a directory
mkdir '/run/openrc/wasinactive': Not a directory
mkdir '/run/openrc/failed': Not a directory
mkdir '/run/openrc/hotpluged': Not a directory
mkdir '/run/openrc/daemons': Not a directory
mkdir '/run/openrc/options': Not a directory
mkdir '/run/openrc/exclusive': Not a directory
mkdir '/run/openrc/scheduled': Not a directory
mkdir '/run/openrc/tmp': Not a directory
*Caching service dependencies...
fopen '/run/openrc/deptree': Not a directory
fopen '/run/openrc/depconfig': Not a directory
* Failed to update the dependence tree
* failed to load deptree
INIT: Entering runlevel: 3
mkdir '/run/openrc/starting': Not a directory
mkdir '/run/openrc/started': Not a directory
mkdir '/run/openrc/stopping': Not a directory
mkdir '/run/openrc/inactive': Not a directory
mkdir '/run/openrc/wasinactive': Not a directory
mkdir '/run/openrc/failed': Not a directory
mkdir '/run/openrc/hotpluged': Not a directory
mkdir '/run/openrc/daemons': Not a directory
mkdir '/run/openrc/options': Not a directory
mkdir '/run/openrc/exclusive': Not a directory
mkdir '/run/openrc/scheduled': Not a directory
mkdir '/run/openrc/tmp': Not a directory
*Caching service dependencies...
fopen '/run/openrc/deptree': Not a directory
fopen '/run/openrc/depconfig': Not a directory
* Failed to update the dependence tree
* failed to load deptree


and nothing happens. So I have to forcefully shutdown the PC, boot from a liveusb, modify the /etc/selinux/config to SELINUX=permissive and reboot, and then everything works just fine. Is there something miss configured in selinux and/or openrc?

Thank you all!

Last edited by vcmota on Fri Dec 08, 2017 4:50 pm; edited 1 time in total
Back to top
View user's profile Send private message
vcmota
Guru
Guru


Joined: 19 Jun 2017
Posts: 367
PostPosted: Fri Dec 08, 2017 4:50 pm    Post subject: Reply with quote
I find out what was going on. Again, rookie mistake: during configuration I forgot to properly modify the /ets/fstab file. After inserting the entries "tmpfs /tmp tmpfs defaults,noexec,nosuid,rootcontext=system_u:object_r:tmp_t 0 0" and "tmpfs /run tmpfs mode=0755,nosuid,nodev,rootcontext=system_u:object_r:var_run_t 0 0" I successfully booted with selinux=enforcing.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Other Things Gentoo All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2024 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy