High number of Selinux issues after upgrading to Fedora 36

Was your original issue also a flooding of SELinux errors?

Obviously that is not an issue with the location of the files since the proper files are showing in /boot. The other commands are not needed, and were only a suggestion if the proper files did not show in /boot.

Do you see the grub menu when you boot?
If not then the next time you boot hold the shift key and it should display. You can then select the newer kernel to boot from for that time.

Also please post the output of
sudo cat /boot/grub2/grubenv and
sudo cat /etc/default/grub as well as
sudo ls /boot/loader/entries so we can see what those look like. It seems that somehow the default kernel for booting is the f34 kernel you are booting with.

We can fix the problem once enough info is available to do a detailed fix.

Ok here’s the output of sudo cat /boot/grub2/grubenv

# GRUB Environment Block
# WARNING: Do not edit this file by tools other than grub-editenv!!!
boot_success=1
saved_entry=b5aecdd710d14ca682224c6ca7250831-5.17.8-300.fc36.x86_64
boot_indeterminate=7
##########################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################

sudo cat /etc/default/grub

GRUB_TIMEOUT=5
GRUB_DISTRIBUTOR="$(sed 's, release .*$,,g' /etc/system-release)"
GRUB_DEFAULT=saved
GRUB_DISABLE_SUBMENU=true
GRUB_TERMINAL_OUTPUT="console"
GRUB_CMDLINE_LINUX="rd.driver.blacklist=nouveau modprobe.blacklist=nouveau nvidia-drm.modeset=1 resume=/dev/mapper/fedora_localhost--live-swap rd.lvm.lv=fedora_localhost-live/root rd.luks.uuid=luks-dc093f83-04a1-45bd-8d69-0386733b29d1 rd.lvm.lv=fedora_localhost-live/swap rhgb quiet snd_hda_intel.dmic_detect=1"
GRUB_DISABLE_RECOVERY="true"
GRUB_ENABLE_BLSCFG=true
GRUB_CMDLINE_LINUX_DEFAULT="quiet splash nouveau.modeset=0 mem_sleep_default=deep"

And sudo ls /boot/loader/entries:

b5aecdd710d14ca682224c6ca7250831-0-rescue.conf
b5aecdd710d14ca682224c6ca7250831-5.17.7-300.fc36.x86_64.conf
b5aecdd710d14ca682224c6ca7250831-5.17.8-300.fc36.x86_64.conf

You never want to do that, nor do you need to.

1 Like

Not really flooding but a lot of persistent and repeating SELinux errors.
BTW. The kernel option selinux=0 is for me a workaround. As noted in /etc/selinux/config changing to SELINUX=permissive may not be enough.

Thanks for the hint, to narrow the problem by temporary disabling SELinux. Yes this is only a lead and not as solution. Tomorrow I’m going to ask in a new tread, how autorelable can cause something like: Failed at step EXEC spawning /usr/lib/systemd/systemd: Permission denied,

Oh and I can see the Grub menu alright, but all the kernels listed are the 5.12.9-300.fc34 one or older ones

can you do
sudo grubby --info=ALL

Thanks

Have you tried dnf autoremove to see what files may not be needed anymore since you upgraded.

Hi @forgottenmacaroni
Perhaps you trapped into the same ‘reinstall’ issue, like me.
I was able to solve my problem with the doing the official workaround right.

Here’s the output of sudo grubby --info=ALL:

index=0
kernel="/boot/vmlinuz-5.17.11-300.fc36.x86_64"
args="ro rd.driver.blacklist=nouveau modprobe.blacklist=nouveau nvidia-drm.modeset=1 resume=/dev/mapper/fedora_localhost--live-swap rd.lvm.lv=fedora_localhost-live/root rd.luks.uuid=luks-dc093f83-04a1-45bd-8d69-0386733b29d1 rd.lvm.lv=fedora_localhost-live/swap rhgb quiet snd_hda_intel.dmic_detect=1 loglevel=3 snd_hda_intel.dmic_detect=0"
root="/dev/mapper/fedora_localhost--live-root"
initrd="/boot/initramfs-5.17.11-300.fc36.x86_64.img"
title="Fedora Linux (5.17.11-300.fc36.x86_64) 36 (Thirty Six)"
id="b5aecdd710d14ca682224c6ca7250831-5.17.11-300.fc36.x86_64"
index=1
kernel="/boot/vmlinuz-5.17.8-300.fc36.x86_64"
args="ro rd.driver.blacklist=nouveau modprobe.blacklist=nouveau nvidia-drm.modeset=1 resume=/dev/mapper/fedora_localhost--live-swap rd.lvm.lv=fedora_localhost-live/root rd.luks.uuid=luks-dc093f83-04a1-45bd-8d69-0386733b29d1 rd.lvm.lv=fedora_localhost-live/swap rhgb quiet snd_hda_intel.dmic_detect=1 loglevel=3 snd_hda_intel.dmic_detect=0"
root="/dev/mapper/fedora_localhost--live-root"
initrd="/boot/initramfs-5.17.8-300.fc36.x86_64.img"
title="Fedora Linux (5.17.8-300.fc36.x86_64) 36 (Thirty Six)"
id="b5aecdd710d14ca682224c6ca7250831-5.17.8-300.fc36.x86_64"
index=2
kernel="/boot/vmlinuz-0-rescue-b5aecdd710d14ca682224c6ca7250831"
args="ro rd.driver.blacklist=nouveau modprobe.blacklist=nouveau nvidia-drm.modeset=1 resume=/dev/mapper/fedora_localhost--live-swap rd.lvm.lv=fedora_localhost-live/root rd.luks.uuid=luks-dc093f83-04a1-45bd-8d69-0386733b29d1 rd.lvm.lv=fedora_localhost-live/swap rhgb quiet snd_hda_intel.dmic_detect=1 loglevel=3 snd_hda_intel.dmic_detect=0"
root="/dev/mapper/fedora_localhost--live-root"
initrd="/boot/initramfs-0-rescue-b5aecdd710d14ca682224c6ca7250831.img"
title="Fedora (0-rescue-b5aecdd710d14ca682224c6ca7250831) 34 (Thirty Four)"
id="b5aecdd710d14ca682224c6ca7250831-0-rescue"
1 Like

I don’t think I have the same issue, my problem comes from my system using a Fedora 34 kernel

I just did, no effect sadly.

I mentionned it before, but could there be a link between the NVIDIA kernel module missing. Falling back to nouveau error I have at boot and the fact that that this old kernel is being used?

grubby --default-kernel

if it’s not one of the F36 ones.
you can try:
grubby --set-default="/boot/vmlinuz-5.17.11-300.fc36.x86_64"

before you reboot

touch /.autorelabel

grubby --default-kernel outputs /boot/vmlinuz-5.17.11-300.fc36.x86_64, I therefore did not ran the following commands as say…

The old kernel is from the rescue image of grub. It would be the original rescue kernel from when you originally installed Fedora Linux onto your system. It doesn’t update when you update or upgrade your system in Workstation.

Hmm ok. But why is my system using it and how can I fix this?..

I note the listing you show indicates your index 2 kernal as …

It isn’t your booted kernel though as you have found by using the command @grumpey mentioned.

sudo cat /boot/efi/EFI/fedora/grub.cfg

sudo ls /boot/efi/EFI

boot_indeterminate=7

Does not seem right based on /etc/grub.d/10_reset_boot_success