On 12/13/06, Eve V. E. Kovacs <[log in to unmask]> wrote:
> Hi,
> I have a problem with selinux. I have an SL4.3 x86_64 system
> which will not boot unless I add the selinux=noenforce option
> to the boot parameters.
>
> If I don't, the system spews out messages like:
>
> theory kernel: audit(1165745008.891:666254): avc:  denied  { search } for
> pid=16856 comm="portmap" name="bin" dev=sda2 ino=535393
> scontext=user_u:system_r:portmap_t tcontext=system_u:object_r:bin_t tclass=dir
>
> and hangs.
>

The last time I saw that was on a system that had been root'd and
someone root kit was called 'portmap'. Other issues have been a system
with a bad cpu/mb.

Would need to see more about the hardware and the kernel panic to get
a better idea. If the system doesnt look like it has been rooted, nor
that there is a bad hardware would be to boot into single user
'selinux=0 single forcefsck'
The forcefsck should cause it to check the disks for problems, and then do a

touch /.autorelabel

reboot and let selinux try to relabel the disks.

That gets 90% of the problems.

> These messages have been happening since Dec 4, and are recorded in
> /var/log/messages every few seconds. The system finally crashed last night
> with a kernel panic, and today I was unable to boot it without making the
> change described above.
>
>
> Does anyone have any idea what is going on?
>
> Thanks
> Eve
>
> --
> ***************************************************************
> Eve Kovacs
> Argonne National Laboratory,
> Room F149, Bldg. 362, HEP
> 9700 S. Cass Ave.
> Argonne, IL 60439 USA
> Phone: (630)-252-6208
> Fax:   (630)-252-5047
> email: [log in to unmask]
> ***************************************************************
>


-- 
Stephen J Smoogen. -- CSIRT/Linux System Administrator
How far that little candle throws his beams! So shines a good deed
in a naughty world. = Shakespeare. "The Merchant of Venice"