[CentOS] Kernel panic when booting into FIPS mode

Dale Harris rodmur at gmail.com
Mon Apr 21 05:50:51 UTC 2014 

So as usual, I was skipping a step. I did need to include the boot=
kernel parameter since /boot was separate from root.  It wasn't
getting mounted. Everything seems to be working now.

On Sun, Apr 20, 2014 at 11:59 PM, Evan Rowley <rowley.evan at gmail.com> wrote:
> I don't have expertise on this issue, but it would be interesting if that
> bit of shell script there were adjusted to also print out the fstab and
> possibly other diagnostic information relevant to the problem. That way,
> you might get a clue as to where /boot is coming from. Then again, I'm not
> even sure if that is something you can edit with your current situation.
> You did say the system was unbootable.  It's probably an edit you'd need to
> make while mounting the hard disk from another system, like a live cd for
> example.
>
> On Sunday, April 20, 2014, Dale Harris <rodmur at gmail.com> wrote:
>
>> Sorry if you see this twice, I may have goofed:
>>
>> Hey,
>>
>> So I was playing around with trying to get a CentOS 6.5 system
>> FIPS-140 complaint. However, my system panics because it cannot find
>> the hmac file associated with my kernel.  It's basically as what is
>> going on is described in this bug report:
>>
>> https://bugzilla.redhat.com/show_bug.cgi?id=805538
>>
>> The /sbin/fips.sh script in the initramfs there is a bit of code:
>>
>> if ! [ -e "/boot/.vmlinuz-${KERNEL}.hmac" ]; then
>>     warn "/boot/.vmlinuz-${KERNEL}.hmac does not exist"
>>     return 1
>> fi
>>
>> But that file does exist on the system.  I guess the initramfs may not
>> see the /boot directory on the system?  Or is it trying to look for
>> /boot inside the initramfs? If so that would explain my problem. I
>> haven't verified any of this yet. But seems like /boot ought to be
>> mounted for the system... anyone know of a fix for this?
>>
>>
>> --
>> Dale Harris
>> rodmur at maybe.org <javascript:;>
>> rodmur at gmail.com <javascript:;>
>> /.-)
>> _______________________________________________
>> CentOS mailing list
>> CentOS at centos.org <javascript:;>
>> http://lists.centos.org/mailman/listinfo/centos
>>
>
>
> --
>  - EJR
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos



-- 
Dale Harris
rodmur at maybe.org
rodmur at gmail.com
/.-)

More information about the CentOS mailing list