After a failed yum upgrade (darn low memory) I noticed my CentOS NTP server was not booting anymore. Look at console showed progress bar still loading but pressing Escape
showed the real issue: Failed to load SELinux policy, freezing.
The first thing in that situation is to try booting without SELinux and the easiest way I found to accomplish this was pressing e
on boot menu and then adding selinux=0
at the end of line starting with linux16
. Continuing boot with Ctrl+X
will load CentOS but with SELinux disabled.
As I actually don’t run my public-facing servers without SELinux, it was time to fix it. Since I didn’t have package before, I installed selinux-policy-targeted
but I would equally use reinstall if package was already present. In any case, running both doesn’t hurt:
sudo yum install -y selinux-policy-targeted
sudo yum reinstall -y selinux-policy-targeted
Finally we need to let system know SELinux should be reapplied. This can be done by creating a special .autorelabel
file in the root directory followed by a reboot:
sudo touch /.autorelabel
sudo reboot
During reboot SELinux will reapply all labeling it needs and we can enjoy our server again.