I don't have expertise on this issue, but it would be interesting if that bit of shell script there were adjusted to also print out the fstab and possibly other diagnostic information relevant to the problem. That way, you might get a clue as to where /boot is coming from. Then again, I'm not even sure if that is something you can edit with your current situation. You did say the system was unbootable. It's probably an edit you'd need to make while mounting the hard disk from another system, like a live cd for example.

On Sunday, April 20, 2014, Dale Harris rodmur@gmail.com wrote:

Sorry if you see this twice, I may have goofed:

Hey,

So I was playing around with trying to get a CentOS 6.5 system FIPS-140 complaint. However, my system panics because it cannot find the hmac file associated with my kernel. It's basically as what is going on is described in this bug report:

https://bugzilla.redhat.com/show_bug.cgi?id=805538

The /sbin/fips.sh script in the initramfs there is a bit of code:

if ! [ -e "/boot/.vmlinuz-${KERNEL}.hmac" ]; then warn "/boot/.vmlinuz-${KERNEL}.hmac does not exist" return 1 fi

But that file does exist on the system. I guess the initramfs may not see the /boot directory on the system? Or is it trying to look for /boot inside the initramfs? If so that would explain my problem. I haven't verified any of this yet. But seems like /boot ought to be mounted for the system... anyone know of a fix for this?

-- Dale Harris rodmur@maybe.org javascript:; rodmur@gmail.com javascript:; /.-) _______________________________________________ CentOS mailing list CentOS@centos.org javascript:; http://lists.centos.org/mailman/listinfo/centos

I don't have expertise on this issue, but it would be interesting if that bit of shell script there were adjusted to also print out the fstab and possibly other diagnostic information relevant to the problem. That way, you might get a clue as to where /boot is coming from. Then again, I'm not even sure if that is something you can edit with your current situation. You did say the system was unbootable. It's probably an edit you'd need to make while mounting the hard disk from another system, like a live cd for example.

On Sunday, April 20, 2014, Dale Harris <rodmur@gmail.comjavascript:_e(%7B%7D,'cvml','rodmur@gmail.com');> wrote:

Sorry if you see this twice, I may have goofed:

Hey,

So I was playing around with trying to get a CentOS 6.5 system FIPS-140 complaint. However, my system panics because it cannot find the hmac file associated with my kernel. It's basically as what is going on is described in this bug report:

https://bugzilla.redhat.com/show_bug.cgi?id=805538

The /sbin/fips.sh script in the initramfs there is a bit of code:

if ! [ -e "/boot/.vmlinuz-${KERNEL}.hmac" ]; then warn "/boot/.vmlinuz-${KERNEL}.hmac does not exist" return 1 fi

But that file does exist on the system. I guess the initramfs may not see the /boot directory on the system? Or is it trying to look for /boot inside the initramfs? If so that would explain my problem. I haven't verified any of this yet. But seems like /boot ought to be mounted for the system... anyone know of a fix for this?

-- Dale Harris rodmur@maybe.org rodmur@gmail.com /.-) _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos