[rsbac] Newbie: 2.4.18+1.2.1 doesn't start, complains of invalid device

Amon Ott rsbac@rsbac.org
Tue Oct 8 09:43:01 2002 

On Monday, 7. October 2002 21:13, Tomasz Korycki wrote:
> On Mon, 2002-10-07 at 13:04, Tomasz Korycki wrote:
> >>>>>>>>>>>>>>>>> snip! <<<<<<<<<<<<<<<
> > > That looks fine - except the version: I never made a 1.2.1-final patch 
for 
> > > 2.4.18...
> > 
> > My bad: it was 2.4.18 + 1.2.0 (from the /kernels/)
> > 
> 
> OK, since I decided to go absolutely fresh, I found the tar.bz2 file:
> linux-2.4.18-rsbac-v1.2.1.tar.bz2
>
> It is 24539601 bytes, md5sum is 3a404b915478cf9accc8dd733b0829be.

Where did you get that one from? In http://rsbac.org/kernels there is no such 
file, and none of that size or with that md5sum.
 
> And, in /usr/src/linux/include/rsbac/types.h, I found:
> #define RSBAC_VERSION "v1.2.1"
> 
> Anyway, in CONFIG_RSBAC_* everything is off, except:
> _LOG_FULL_PATH
> _AUTH
> _DEBUG
> _PROC
> 
> And here is the lilo stanza:
> --------------- start -----------------
> image=/boot/vm-2.4.18-rs2
> 	label=RSBAC-2
> 	root=/dev/hda12
> 	initrd=/boot/18-rs2.img
> 	append=" devfs=mount rsbac_auth_enable_login rsbac_debug_adf

You might try without devfs, it gave me some problems before. Please also add 
parameter debug.

> rsbac_debug_stack"
> 	vga=0x121
> 	read-only
> -------------- end -------------------
> 
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> snip! <<<<<<<<<<<<<<<<<
> > > 3. If not, please also add rsbac_debug_stack, take one boot log until 
the 
> > > first INVALIDDEV messages appear and send it to me. I need the init 
messages 
> > > up to the part you included.
> > > 
> > 
> 
> > That's what I think I'll do right now. What facility and priority does
> > RSBAC use? I'd like to make it go "somewhere else", to get a clearer
> > picture.

kern.debug for debugging, kern.info for normal boot messages and kern.warning 
for warnings.
 
> > > To get you up and running, another root fs, e.g. ext3, might help.
> > > 
> > 
> > Well, I do not think reiserfs is a problem here: the kernel works fine
> > with it, as long as RSBAC is not enabled. So I'll persist a while longer
> > with it.

It might be the combination of reiserfs and RSBAC.
 
> Out of syslog, starting with first message after reboot:
> ------------------- start -----------------
> Oct  7 14:16:52 switch syslogd 1.4-0: restart.
> Oct  7 14:16:52 switch kernel: klogd 1.4-0, log source = /proc/kmsg
> started.
> Oct  7 14:16:52 switch kernel: Inspecting /boot/System.map
> Oct  7 14:16:52 switch kernel: Loaded 5 symbols from 1 module.
> Oct  7 14:16:52 switch kernel: rned EINVALIDDEV!
> Oct  7 14:16:52 switch kernel: rsbac_get_attr(): Could not lookup device
> 03:12!
> Oct  7 14:16:52 switch kernel: rsbac_adf_request(): rsbac_get_attr() for
> internal returned EINVALIDDEV!
> Oct  7 14:16:52 switch kernel: rsbac_get_attr(): Could not lookup device
> 03:12!
> -------------------- end --------------------
> 
> But, after a few reboots, I got earlier messages off the console, using
> Scroll Lock. I have to type them in, so I'll skip some obvious things. I
> start 2 lines above the first RSBAC message, for context:
> ------------------ start -------------------
> Freeing initrd memory...
> VFS: Mounted root (ext2 filesystem)
> rsbac_mount(): RSBAC not initialized while mounting DEV 00:07, delaying
> Mounted devfs on /dev
> rsbac_mount(): RSBAC not initialized while mounting DEV 00:03, delaying
> rsbac_umount(): RSBAC not initialized
> Red Hat nash starting...
> Mounting /proc
> rsbac_mount(): RSBAC not initialized while mounting DEV 00:03, delaying
> Creating root device
> rsbac_umount(): RSBAC not initialized
> Mounting root filesystem with flags exec,dev,suid,rw
> reiserfs:checking transaction log (device 03:0c)
> ------------------ end ------------------

Right. RSBAC does not get initialized at the right place in the boot 
sequence. It will probably work fine without devfs.

Do you have an initrd? What is DEV 00:03?

> Reiser continues, replays some transactions, and then I get the
> EINVALIDDEV message pair.
> 
> I noticed something: on boot, when I was playing with Ctrl-S and Ctrl-Q
> and copying messages down, eventually I noticed RC scripts being
> executed, whereas when I do not stop the process, I never get there.
> Could there be a timing problem somewhere? This is just a wild guess,
> but it seems to be reproducible: when I leave it alone, it never gets to
> rc files (hence no log), but if I stop it, eventually rc files get run
> and logging starts.

It might be a timing problem as well, but the main problem seems to be the 
boot sequence. RSBAC must be initialized after root mount, but before any 
other mount.

Amon.
--
http://www.rsbac.org