[ubuntu-hardened] Kernel Panic with SELinux and NFS?
Jeff Schroeder
jeffschroed at gmail.com
Mon Apr 13 17:55:54 BST 2009
On Mon, Apr 13, 2009 at 9:16 AM, Kees Cook <kees at ubuntu.com> wrote:
> On Mon, Apr 13, 2009 at 12:28:44PM +0100, Darren McGuicken wrote:
>> * Kees Cook (kees at ubuntu.com) wrote:
>>
>> > On Sun, Apr 12, 2009 at 10:41:00PM +0100, Darren McGuicken wrote:
>> >
>> > > Hardy server without SELinux, sharing files over NFSv4, Jaunty beta
>> > > on my laptop with SELinux enabled == Kernel Panic and hard lock (on
>> > > the server!) when accessing files on the NFS share...
>> >
>> > > 2) Who on earth do I raise the bug report to?
>> >
>> > If you can reduce it to a series of steps that is easy to reproduce,
>> > the best place by far would to be to open a Launchpad bug report
>> > against "linux". I recommend using the "ubuntu-bug linux" command as
>> > that will attach various commonly-requested files, etc.
>>
>> That might be tricky, the server in question runs as my primary mail
>> and web server so randomly crashing it isn't really an option. I'll
>> see if I can set up a vm at some point to replicate the lock in a more
>> controlled manner.
>>
>> Is there any merit in opening the bug with essentially the text above?
>
> It could help other people encountering the problem find the report and
> possibly provide more details.
You might try settting up the crashdump stuff so we can get a vmcore.
If you can attach a vmcore to a bugreport the kernel developers can
look through and see what happened to hang your server. That would
help a LOT with hunting down the bug.
If you would be willing to crash the server once more, you could do this:
- sudo apt-get install crash kexec-tools # Installs the linux kernel
crash dump software that allows you to load up kernel vmcore files and
debug them.
- Add something like this "crashkernel=128M at 16M" to the end of the
kernel command line in /boot/grub/menu.lst
- Make sure you have these 2 lines in /etc/sysctl.conf
kernel.core_uses_pid = 1
kernel.core_pattern = vmcore
You'll have to reboot to make the kernel command line option take effect.
Then when the the problem happens again you should get a vmcore file.
--
Jeff Schroeder
Don't drink and derive, alcohol and analysis don't mix.
http://www.digitalprognosis.com
More information about the ubuntu-hardened
mailing list