On boot, after multiple SELinux errors (unrelated, when SELinux set to permissive, boot failure still occurs). Get this error: Out of Memory: Killed process 924 (udevstart). /lib/rcscripts/addons/udev-start.sh: line 50: 924 Killed /sbin/udevstart Then fsck.ext3 returs: No such file or directory while trying to open /dev/hda3 And then the classic superblock error because it can't find the device. System information follows. Version of sys-fs/udev: 087 Version of hardened-sources: 2.6.14-r6 PaX Options: Standard as in PaX quickstart PIE/SSL Userland Enabled. Emerge --Info: Portage 2.0.54 (selinux/2005.1/x86/hardened, gcc-3.4.5, glibc-2.3.5-r3, 2.6.14-hardened-r6 i686) ======================= System uname: 2.6.14-hardened-r6 i686 Pentium III (Coppermine) Gentoo Base System version 1.6.14 dev-lang/python: 2.4.2 sys-apps/sandbox: 1.2.12 sys-devel/autoconf: 2.13, 2.59-r7 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.66-r1 sys-devel/binutils: 2.16.1 sys-devel/libtool: 1.5.22 virtual/os-headers: 2.6.11-r2 ACCEPT_KEYWORDS="x86" AUTOCLEAN="yes" CBUILD="i686-pc-linux-gnu" CFLAGS="-O2 -march=i686 -pipe" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3/share/config /usr/share/config /var/qmail/control" CONFIG_PROTECT_MASK="/etc/eselect/compiler /etc/gconf /etc/env.d" CXXFLAGS="-O2 -march=i686 -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="autoconfig distlocks sandbox selinux sfperms strict" GENTOO_MIRRORS="http://distfiles.gentoo.org http://distro.ibiblio.org/pub/linux/distributions/gentoo" PKGDIR="/usr/portage/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="X509 acpi adns apache2 authdaemond bash-completion berkdb bzip2 ccache chroot clamav crypt dlloader erandom ethereal expat extentions gdbm gpm hardened imap ips ipv6 jpeg logrotate logwatch ncurses nls pam perl pic pie png python readline selinux session ssl tcpd udev urandom usb user-homedirs virus-scan x86 xml zlib userland_GNU kernel_linux elinb_glibc" Unset: ASFLAGS, CTARGET, INSTALL_MASK, LANG, LC_ALL, LDFLAGS, LINGUAS, MAKEOPTS, PORTDIR_OVERLAY
What does dmesg(3) say about the PaX kill? Does this happen only when your policy is enabled?
> Out of Memory: Killed process 924 (udevstart). This part looks like OOM kicking in.
The dmesg(3) entry says only two lines about the kill, besides the memory information between the first and the second. The second one was posted prior. oom-killer: gfp_mask=0x601d2, order=0 And, haven't tried with PaX not enforcing. Actually, I wasn't aware PaX could be turned off.
I have the same problem, Same kernel, same udev. udevstart gets killed: Out of memory. But I don't have pax enabled, onley selinux and hardened/pie/pic. I can continue booting by pressing Ctrl-D. It boots, but reports that /dev/tty* is missing and does not come up whit a login screen. If I boot a livecd and mount/chroot my system, udevstart also craches, but if I fist activate my swap (swapon /dev/hda2) and then run udevstart, it works. udevstart is running before the swap space is mounted. But if I enter the maintainance console when booting, and then manualy try to swapon, mount /dev and run udevstart, it does crashe again, but now onley telling me it's killed, and nothing else, no out of memory or other udevstart output. Also udevd gets killed the same time.
Very strange... I've tried booting enforcing=0, but it still fails. So it's a pie/ssp problem.
same here i can boot only if append selinux=0 to kernel Portage 2.0.54 (selinux/2005.1/x86/hardened, gcc-3.4.5, glibc-2.3.5-r3, 2.6.14-hardened-r5-2 i686) ================================================================= System uname: 2.6.14-hardened-r5-2 i686 Pentium II (Klamath) Gentoo Base System version 1.6.14 ccache version 2.3 [enabled] dev-lang/python: 2.3.5-r2, 2.4.2 sys-apps/sandbox: 1.2.12 sys-devel/autoconf: 2.13, 2.59-r7 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r1 sys-devel/binutils: 2.16.1 sys-devel/libtool: 1.5.22 virtual/os-headers: 2.6.11-r2 ACCEPT_KEYWORDS="x86" AUTOCLEAN="yes" CBUILD="i686-pc-linux-gnu" CFLAGS="-march=i686 -O2 -pipe" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3/share/config /usr/share/config /var/bind /var/qmail/control" CONFIG_PROTECT_MASK="/etc/eselect/compiler /etc/gconf /etc/terminfo /etc/env.d" CXXFLAGS="-march=i686 -O2 -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="autoconfig ccache distlocks loadpolicy sandbox selinux sfperms strict" GENTOO_MIRRORS="http://mirror.datapipe.net/gentoo http://ftp.ntua.gr/pub/linux/gentoo/ http://gentoo.osuosl.org/distfiles/" MAKEOPTS="-j1" PKGDIR="/usr/portage/packages" PORTAGE_TMPDIR="/var/tmp/portage" PORTDIR="/usr/portage" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="apache2 bash-completion berkdb bzip2 crypt curl dlloader expat gd gmp hal hardened idn jpeg ldap libwww logrotate maildir maketest mhash mppe-mppc ncurses nls nptl pam pam_chroot pam_console pam_timestamp pcre perl pic png python readline samba sasl selinux skey ssl tcpd test tiff udev userlocales x86 xml2 zlib userland_GNU kernel_linux elibc_glibc" Unset: ASFLAGS, CTARGET, INSTALL_MASK, LANG, LC_ALL, LDFLAGS, LINGUAS, PORTDIR_OVERLAY [ebuild R ] sys-fs/udev-087 +selinux 0 kB [ebuild R ] sys-apps/baselayout-1.11.14-r6 -bootstrap -build -static -unicode 0 kB
Temp. work around: If you can access /etc/conf.d/rc (mabey a livecd and mount your /dev/ROOT) edit it: RC_DEVICES="static" RC_DEVICE_TARBALL="no" Now boot your system normally (permissive), because it won't try to load udev and onley uses static files in /dev/. Edit /etc/conf.d/rc RC_DEVICES="udev" RC_DEVICE_TARBALL="yes" If you reboot now, it will build a tar bal of your static devices. On boot after mouting /dev/ it will first upack the tar bal to /dev/ and then run udevstart, wich still craches. But now it won't mis importent devices as /dev/hda so the system wil be able to continue booting. Missing devices can now be added manualy and will be rememberd after boot.
Waiting for more permenent solution before I put in place (non-critical box, so I can just run selinux=0) but, it looks like that fix would work.
Can someone confirm that a kernel built from the newest sources (make menuconfig, not sure about genkernel) still has selinux errors on boots, but doesn't kill udev?
(In reply to comment #9) > Can someone confirm that a kernel built from the newest sources (make > menuconfig, not sure about genkernel) still has selinux errors on boots, but > doesn't kill udev? > No, It still does. I have configured a nother system which has exactly the same problem. It still get's killed by oom-killer. I have some more info now, by setting udev to static, mounting tmpfs on /dev manual and run udevd& and udevstart manualy I can get all the information oom-killer dumps: May 3 13:49:12 seol oom-killer: gfp_mask=0x601d2, order=0 May 3 13:49:13 seol Mem-info: May 3 13:49:13 seol DMA per-cpu: May 3 13:49:13 seol cpu 0 hot: low 2, high 6, batch 1 used:5 May 3 13:49:13 seol cpu 0 cold: low 0, high 2, batch 1 used:1 May 3 13:49:13 seol Normal per-cpu: May 3 13:49:13 seol cpu 0 hot: low 30, high 90, batch 15 used:38 May 3 13:49:13 seol cpu 0 cold: low 0, high 30, batch 15 used:26 May 3 13:49:13 seol HighMem per-cpu: empty May 3 13:49:13 seol Free pages: 2708kB (0kB HighMem) May 3 13:49:13 seol Active:22652 inactive:22381 dirty:0 writeback:0 unstable:0 free:677 slab:1515 mapped:45007 pagetables:155 May 3 13:49:13 seol DMA free:844kB min:144kB low:180kB high:216kB active:6200kB inactive:5776kB present:16384kB pages_scanned:12440 all_unreclaimable? yes May 3 13:49:13 seol lowmem_reserve[]: 0 175 175 May 3 13:49:13 seol Normal free:1864kB min:1624kB low:2028kB high:2436kB active:84408kB inactive:83748kB present:180216kB pages_scanned:216824 all_unreclaimable? yes May 3 13:49:13 seol lowmem_reserve[]: 0 0 0 May 3 13:49:13 seol HighMem free:0kB min:128kB low:160kB high:192kB active:0kB inactive:0kB present:0kB pages_scanned:0 all_unreclaimable? no May 3 13:49:13 seol lowmem_reserve[]: 0 0 0 May 3 13:49:13 seol DMA: 1*4kB 1*8kB 0*16kB 0*32kB 1*64kB 0*128kB 1*256kB 1*512kB 0*1024kB 0*2048kB 0*4096kB = 844kB May 3 13:49:13 seol Normal: 42*4kB 10*8kB 1*16kB 0*32kB 1*64kB 0*128kB 0*256kB 1*512kB 1*1024kB 0*2048kB 0*4096kB = 1864kB May 3 13:49:13 seol HighMem: empty May 3 13:49:13 seol Swap cache: add 63789, delete 63781, find 68/100, race 0+0 May 3 13:49:13 seol Free swap = 0kB May 3 13:49:13 seol Total swap = 254008kB May 3 13:49:13 seol Free swap: 0kB May 3 13:49:13 seol 49150 pages of RAM May 3 13:49:13 seol 0 pages of HIGHMEM May 3 13:49:13 seol 1385 reserved pages May 3 13:49:13 seol 29 pages shared May 3 13:49:13 seol 8 pages swap cached May 3 13:49:13 seol 0 pages dirty May 3 13:49:13 seol 0 pages writeback May 3 13:49:13 seol 45007 pages mapped May 3 13:49:13 seol 1515 pages slab May 3 13:49:13 seol 155 pages pagetables May 3 13:49:13 seol Out of Memory: Killed process 8078 (udevd). May 3 13:49:13 seol oom-killer: gfp_mask=0x601d2, order=0 May 3 13:49:13 seol Mem-info: May 3 13:49:13 seol DMA per-cpu: May 3 13:49:13 seol cpu 0 hot: low 2, high 6, batch 1 used:5 May 3 13:49:13 seol cpu 0 cold: low 0, high 2, batch 1 used:0 May 3 13:49:13 seol Normal per-cpu: May 3 13:49:13 seol cpu 0 hot: low 30, high 90, batch 15 used:34 May 3 13:49:13 seol cpu 0 cold: low 0, high 30, batch 15 used:14 May 3 13:49:13 seol HighMem per-cpu: empty May 3 13:49:13 seol Free pages: 2468kB (0kB HighMem) May 3 13:49:13 seol Active:23036 inactive:22067 dirty:0 writeback:45 unstable:0 free:617 slab:1516 mapped:44966 pagetables:152 May 3 13:49:13 seol DMA free:844kB min:144kB low:180kB high:216kB active:6316kB inactive:5652kB present:16384kB pages_scanned:299 all_unreclaimable? no May 3 13:49:13 seol lowmem_reserve[]: 0 175 175 May 3 13:49:13 seol Normal free:1624kB min:1624kB low:2028kB high:2436kB active:85828kB inactive:82616kB present:180216kB pages_scanned:218280 all_unreclaimable? yes May 3 13:49:13 seol lowmem_reserve[]: 0 0 0 May 3 13:49:13 seol HighMem free:0kB min:128kB low:160kB high:192kB active:0kB inactive:0kB present:0kB pages_scanned:0 all_unreclaimable? no May 3 13:49:13 seol lowmem_reserve[]: 0 0 0 May 3 13:49:13 seol DMA: 1*4kB 1*8kB 0*16kB 0*32kB 1*64kB 0*128kB 1*256kB 1*512kB 0*1024kB 0*2048kB 0*4096kB = 844kB May 3 13:49:13 seol Normal: 0*4kB 1*8kB 1*16kB 0*32kB 1*64kB 0*128kB 0*256kB 1*512kB 1*1024kB 0*2048kB 0*4096kB = 1624kB May 3 13:49:13 seol HighMem: empty May 3 13:49:13 seol Swap cache: add 63843, delete 63783, find 68/101, race 0+0 May 3 13:49:13 seol Free swap = 0kB May 3 13:49:13 seol Total swap = 254008kB May 3 13:49:13 seol Free swap: 0kB May 3 13:49:13 seol 49150 pages of RAM May 3 13:49:13 seol 0 pages of HIGHMEM May 3 13:49:13 seol 1385 reserved pages May 3 13:49:13 seol 32 pages shared May 3 13:49:13 seol 60 pages swap cached May 3 13:49:13 seol 0 pages dirty May 3 13:49:13 seol 45 pages writeback May 3 13:49:13 seol 44966 pages mapped May 3 13:49:13 seol 1516 pages slab May 3 13:49:13 seol 152 pages pagetables May 3 13:49:13 seol Out of Memory: Killed process 8079 (udevstart). May 3 13:49:13 seol oom-killer: gfp_mask=0x601d2, order=0 May 3 13:49:13 seol Mem-info: May 3 13:49:13 seol DMA per-cpu: May 3 13:49:13 seol cpu 0 hot: low 2, high 6, batch 1 used:5 May 3 13:49:13 seol cpu 0 cold: low 0, high 2, batch 1 used:1 May 3 13:49:13 seol Normal per-cpu: May 3 13:49:13 seol cpu 0 hot: low 30, high 90, batch 15 used:34 May 3 13:49:13 seol cpu 0 cold: low 0, high 30, batch 15 used:14 May 3 13:49:13 seol HighMem per-cpu: empty May 3 13:49:13 seol Free pages: 2468kB (0kB HighMem) May 3 13:49:13 seol Active:23002 inactive:22100 dirty:0 writeback:0 unstable:0 free:617 slab:1516 mapped:44967 pagetables:152 May 3 13:49:13 seol DMA free:844kB min:144kB low:180kB high:216kB active:6068kB inactive:5896kB present:16384kB pages_scanned:8975 all_unreclaimable? no May 3 13:49:13 seol lowmem_reserve[]: 0 175 175 May 3 13:49:13 seol Normal free:1624kB min:1624kB low:2028kB high:2436kB active:85940kB inactive:82504kB present:180216kB pages_scanned:218384 all_unreclaimable? yes May 3 13:49:13 seol lowmem_reserve[]: 0 0 0 May 3 13:49:13 seol HighMem free:0kB min:128kB low:160kB high:192kB active:0kB inactive:0kB present:0kB pages_scanned:0 all_unreclaimable? no May 3 13:49:13 seol lowmem_reserve[]: 0 0 0 May 3 13:49:13 seol DMA: 1*4kB 1*8kB 0*16kB 0*32kB 1*64kB 0*128kB 1*256kB 1*512kB 0*1024kB 0*2048kB 0*4096kB = 844kB May 3 13:49:13 seol Normal: 0*4kB 1*8kB 1*16kB 0*32kB 1*64kB 0*128kB 0*256kB 1*512kB 1*1024kB 0*2048kB 0*4096kB = 1624kB May 3 13:49:13 seol HighMem: empty May 3 13:49:13 seol Swap cache: add 63843, delete 63783, find 68/101, race 0+0 May 3 13:49:13 seol Free swap = 0kB May 3 13:49:13 seol Total swap = 254008kB May 3 13:49:13 seol Free swap: 0kB May 3 13:49:13 seol 49150 pages of RAM May 3 13:49:13 seol 0 pages of HIGHMEM May 3 13:49:13 seol 1385 reserved pages May 3 13:49:13 seol 31 pages shared May 3 13:49:13 seol 60 pages swap cached May 3 13:49:13 seol 0 pages dirty May 3 13:49:13 seol 0 pages writeback May 3 13:49:13 seol 44967 pages mapped May 3 13:49:13 seol 1516 pages slab May 3 13:49:13 seol 152 pages pagetables System info: Mem: 191124k total, 137308k used, 53816k free, 31324k buffers Swap: 254008k total, 20204k used, 233804k free, 28204k cached Portage 2203-svn (selinux/2005.1/x86/hardened, gcc-3.3.6, glibc-2.3.6-r3, 2.6.14-hardened-r8 i686) ================================================================= System uname: 2.6.14-hardened-r8 i686 Pentium II (Klamath) Gentoo Base System version 1.6.14 distcc 2.18.3 i686-pc-linux-gnu (protocols 1 and 2) (default port 3632) [disabled] dev-lang/python: 2.3.4, 2.4.2 dev-util/ccache: [Not Present] dev-util/confcache: [Not Present] sys-apps/sandbox: 1.2.12 sys-devel/autoconf: 2.13, 2.59-r7 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r1 sys-devel/binutils: 2.16.1 sys-devel/libtool: 1.5.22 virtual/os-headers: 2.6.11-r2 ACCEPT_KEYWORDS="x86" AUTOCLEAN="yes" CBUILD="i686-pc-linux-gnu" CFLAGS="-fomit-frame-pointer -march=pentium2 -O3 -pipe -funroll-loops" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3/share/config /usr/share/config /var/bind /var/qmail/control" CONFIG_PROTECT_MASK="/etc/eselect/compiler /etc/gconf /etc/terminfo /etc/env.d" CXXFLAGS="-fomit-frame-pointer -march=pentium2 -O3 -pipe -funroll-loops" DISTDIR="/usr/portage/distfiles" FEATURES="autoconfig distlocks loadpolicy sandbox selinux sfperms strict" GENTOO_MIRRORS="http://ftp.snt.utwente.nl/pub/os/linux/gentoo/" MAKEOPTS="-j2" PKGDIR="/usr/portage/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="acpi apache2 berkdb bzip2 crypt cups dlloader expat gdbm gpm hardened imap ipv6 java jpeg ldap libwww maildir mhash mysql ncurses nls nptl nptlonly pam pcre perl php pic pie png postgres python readline sasl selinux ssl symlink tcpd tiff truetype udev usb x86 zlib userland_GNU kernel_linux elibc_glibc" Unset: ASFLAGS, CTARGET, INSTALL_MASK, LANG, LC_ALL, LDFLAGS, LINGUAS, PORTDIR_OVERLAY
Going to the latest unstable hardened kernel (hardened-sources-2.6.16-r6) seems to solve the problem for me.
It also worked for me! Strange do, that the unstabel version is more stabel than the stabel. :) Tanx for the support.
Bug inactive. I assume upstream has fixed the problem. Reopen if I'm incorrect.
