Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Load the SELinux policy after switch_root and remove the selinux-loadpolicy module #2652

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Load the SELinux policy after switch_root and remove the selinux-loadpolicy module #2652

wants to merge 1 commit into from

Conversation

gtrentalancia
Copy link

@gtrentalancia gtrentalancia commented Jun 16, 2024
edited
Loading

Load the SELinux policy after switch_root and remove the selinux-loadpolicy module.

This fixes the bootup process with recent kernels, as it was getting stuck on Permission Denied errors due to the early SELinux policy load.

Fixes #2653

.github/labeler.yml | 4 -
modules.d/98selinux/module-setup.sh | 17 -------
modules.d/98selinux/selinux-loadpolicy.sh | 70 ------------------------------
modules.d/99base/init.sh | 5 ++
4 files changed, 5 insertions(+), 91 deletions(-)

@github-actions github-actions bot added modules Issue tracker for all modules selinux Issues related to the selinux module base Issues related to the base module github Issues related to .github labels Jun 16, 2024
@gtrentalancia gtrentalancia mentioned this pull request Jun 16, 2024
Open
@gtrentalancia gtrentalancia force-pushed the master branch 2 times, most recently from 72af9cb to 3d75019 Compare June 16, 2024 13:48
@gtrentalancia
Load the SELinux policy after switch_root. This fixes
2529c96 
the bootup process with recent kernels, as it was
getting stuck on Permission Denied errors, due to the
early SELinux policy load.

Thanks to Laszlo Gombos for reviewing this patch and
suggesting to obsolete the SELinux load policy module
instead of removing it completely.

Signed-off-by: Guido Trentalancia <[email protected]>
---
 modules.d/98selinux/selinux-loadpolicy.sh |    5 +-
 modules.d/99base/init.sh                  |   61 ++++++++++++++++++++++++++++++
 2 files changed, 65 insertions(+), 1 deletion(-)
@stale Stale
Copy link

stale bot commented Jan 21, 2025

This issue is being marked as stale because it has not had any recent activity. It will be closed if no further activity occurs. If this is still an issue in the latest release of Dracut and you would like to keep it open please comment on this issue within the next 7 days. Thank you for your contributions.

@stale stale bot added the stale communication is stuck label Jan 21, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@haraldh haraldh Awaiting requested review from haraldh haraldh is a code owner

@johannbg johannbg Awaiting requested review from johannbg johannbg is a code owner

At least 2 approving reviews are required to merge this pull request.

Assignees
No one assigned
Labels
base Issues related to the base module github Issues related to .github modules Issue tracker for all modules selinux Issues related to the selinux module stale communication is stuck
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Dracut generated initramfs fails to boot with recent kernels due to SELinux Permission Denied errors
1 participant
@gtrentalancia