Selinux的bug导致系统当机
系统环境:Red Hat Enterprise Linux ES release 4 (Nahant Update 2)
Selinux版本:selinux-policy-targeted-1.17.30-2.110
故障现象:
此版本的selinux存在Bug,当启用Selinux后,有可能会报以下错误,最终导致系统重启或者死机.
dbus: Can't send to audit system: USER_AVC pid=3097 uid=81 loginuid=-1 message=avc: denied { send_msg
} for scontext=user_u:system_r:unconfined_t tcontext=user_u:system_r:initrc_t tclass=dbus
解决方法:
1.关闭Selinux可以解决,方法:编辑/etc/sysconfig/selinux,设置SELINUXTYPE=targeted或者SELINUXTYPE=disabled;
----------------------------------------------------------------------------------
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
SELINUX=permissive
#SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted
----------------------------------------------------------------------------------
2.升级selinux-policy-targeted版本到1.17.30-2.126
<升级方法略>
Redhat官方链接:
阅读(1677) | 评论(0) | 转发(0) |
