You are not logged in.

#1 2013-05-26 15:13:42

genghizkhan91
Member
From: Kyoto, Japan
Registered: 2013-03-26
Posts: 32
Website

systemd with audit daemon causing errors during boot

I've been trying to get SELinux up and running on my laptop (I have a lot of time on my hands and I think the project is very interesting). After breaking my head on the AUR packages and arriving nowhere due to incorrectly set up policies, I decided to stake out on my own. I built the systemd package with the --enable-selinux and --enable-audit options and enabled auditd.service. The kernel I'm using is linux-ice-3.9.3 with SELinux and Auditing enabled. Everything went beautifully up to the point where I rebooted because this is where I get a problem:

May 26 13:28:39 Empire systemd[1]: Found ordering cycle on basic.target/start
May 26 13:28:39 Empire systemd[1]: Walked on cycle path to sockets.target/start
May 26 13:28:39 Empire systemd[1]: Walked on cycle path to dbus.socket/start
May 26 13:28:39 Empire systemd[1]: Walked on cycle path to sysinit.target/start
May 26 13:28:39 Empire systemd[1]: Walked on cycle path to systemd-update-utmp.service/start
May 26 13:28:39 Empire systemd[1]: Walked on cycle path to auditd.service/start
May 26 13:28:39 Empire systemd[1]: Walked on cycle path to basic.target/start
May 26 13:28:39 Empire systemd[1]: Breaking ordering cycle by deleting job sockets.target/start
May 26 13:28:39 Empire systemd[1]: Job sockets.target/start deleted to break ordering cycle starting with basic.target/start
May 26 13:28:39 Empire systemd[1]: Found ordering cycle on basic.target/start
May 26 13:28:39 Empire systemd[1]: Walked on cycle path to sysinit.target/start
May 26 13:28:39 Empire systemd[1]: Walked on cycle path to systemd-update-utmp.service/start
May 26 13:28:39 Empire systemd[1]: Walked on cycle path to auditd.service/start
May 26 13:28:39 Empire systemd[1]: Walked on cycle path to basic.target/start
May 26 13:28:39 Empire systemd[1]: Breaking ordering cycle by deleting job systemd-update-utmp.service/start
May 26 13:28:39 Empire systemd[1]: Job systemd-update-utmp.service/start deleted to break ordering cycle starting with basic.target/start

When this happens, sockets.target and systemd-update-utmp.service do not start causing me great problems. I know that the kernel is not the cause of this problem because booting from a stock kernel causes the same set of messages to appear. However, if I switch to the selinux-systemd-203 package and compile it with auditing enabled there's no problem. The selinux-systemd-203 PKGBUILD is very similar to the stock systemd-204 PKGBUILD and neither causes problems when the --disable-auditing flag is set. Can anybody confirm this or point me to a set of patches to alleviate this problem?

Also, does anyone have a good set of SELinux policies for deployment? The refpolicy-20130423 is hardly up to scratch to deal with a properly setup Arch system.

Edit: I just saw this problem occur in a non-SELinux-enabled kernel (linux-ice-3.9.4-1) with both the systemd and audit packages from the official repos.

Last edited by genghizkhan91 (2013-05-28 04:28:24)


Dotfiles | Blog
ArchLinux 64 - Dell Studio 1458, Intel Nehalem i5 460M 2.54 GHz, 4GB RAM, ATI Radeon 5450

Offline

#2 2013-05-27 16:44:46

ewaller
Administrator
From: Pasadena, CA
Registered: 2009-07-13
Posts: 19,728

Re: systemd with audit daemon causing errors during boot

Moved.  For future reference, the best way to ask for a thread to be moved is to use the 'report' link and leave a short note for the moderators.  Thanks.


Nothing is too wonderful to be true, if it be consistent with the laws of nature -- Michael Faraday
Sometimes it is the people no one can imagine anything of who do the things no one can imagine. -- Alan Turing
---
How to Ask Questions the Smart Way

Offline

Board footer

Powered by FluxBB