dracut: SELinux: Could not open policy file <= /etc/selinux/disable/policy/policy.24: No such file or directory /sbin/load_policy
Environment
- Red Hat Enterprise Linux 6
Issue
- Kernel panic occurs with the following message after changing /etc/selinux/config to disable SELinux.
dracut: Loading SELinux policy
type=1404 audit(<snip>): enforcing=1 old_enforcing=0 audit=<snip> ses=<snip>
dracut: SELinux: Could not open policy file <= /etc/selinux/disable/policy/policy.24: No such file or directory /sbin/load_policy: Can't load policy and <snip>
No such file or directory
dracut Warning: Initial SELinux policy load failed.
dracut: FATAL: Initial SELinux policy load failed. Machine in enforcing mode. To disable selinux, add selinux=0 to the kernel command line.
dracut: Refusing to continue
dracut Warning: Signal caught!
Resolution
Disable selinux with one of the following procedures after booting from rescue environment:
1)set the following configurations for disabling selinux in /etc/selinux/config:
SELINUX=disabled
SELINUXTYPE=targeted
2)Use the following parameter for disabling selinux in /boot/grub/grub.conf:
kernel vmlinuz-2.6.32-220.el6.x86_64 <snip> selinux=0
If SELinux is intended to be used, regenerate the policy file with the command
# semodule -B
Then reboot the system.
Root Cause
- SElinux policy file was not recreated correctly.
Diagnostic Steps
Check to see if /etc/selinux/disable/policy/policy.24 exists.
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
Comments