After a failed yum upgrade (darn low memory) I noticed my CentOS NTP server was not booting anymore. Look at console showed progress bar still loading but pressing
Escape showed the real issue:
Failed to load SELinux policy, freezing.
The first thing in that situation is to try booting without SELinux and the easiest way I found to accomplish this was pressing
e on boot menu and then adding
selinux=0 at the end of line starting with
linux16. Continuing boot with
Ctrl+X will load CentOS but with SELinux disabled.
As I actually don't run my public-facing servers without SELinux, it was time to fix it. Since I didn't have package before, I installed
selinux-policy-targeted but I would equally use reinstall if package was already present. In any case, running both doesn't hurt:
sudo yum install -y selinux-policy-targeted
sudo yum reinstall -y selinux-policy-targeted
Finally we need to let system know SELinux should be reapplied. This can be done by creating a special
.autorelabel file in the root directory followed by a reboot:
sudo touch /.autorelabel
During reboot SELinux will reapply all labeling it needs and we can enjoy our server again.