SELinux Error

Alexander Sicular siculars at gmail.com
Fri Oct 1 10:17:05 EDT 2010


But then why would you use selinux?

On 2010-10-01, 朱轩印 <davidzhu.4.2 at gmail.com> wrote:
> Have you tried to disable selinux?
>
> On centos/fedora, you can run command "system-config-selinux" and mark the
> "disabled" option.
>
> On Fri, Oct 1, 2010 at 12:55 PM, Madireddy Samuel Vijaykumar <
> mad.vijay at gmail.com> wrote:
>
>> I have built riak on my machine, and did not copy the build from another
>> machine. No nothing Else has changed in my machine. Its a fresh install of
>> Fedora13 and i have not really meddled around with the SELinux settings.
>>
>> Sam
>> """
>> Anyday...
>> Above the ground and vertical
>> ... is a good day!
>> """
>> http://megam.info
>> :)~
>>
>>
>>
>>
>> On Fri, Oct 1, 2010 at 4:53 AM, Dan Reverri <dan at basho.com> wrote:
>>
>>> I've never seen that error message. It looks like you've built Riak from
>>> source in "/livingcode/sandbox/riak/riak-0.12.0". Did you build Riak on
>>> that
>>> machine or copy the built release from another machine? Has anything else
>>> on
>>> the machine changed?
>>>
>>> Thanks,
>>> Dan
>>>
>>> Daniel Reverri
>>> Developer Advocate
>>> Basho Technologies, Inc.
>>> dan at basho.com
>>>
>>>
>>> On Wed, Sep 29, 2010 at 1:31 AM, Madireddy Samuel Vijaykumar <
>>> mad.vijay at gmail.com> wrote:
>>>
>>>> When do a ...
>>>>
>>>> $ bin/riak start
>>>>
>>>> I get a SELinux Security Alert and the riak node is never started. The
>>>> following the SELinux error, has anyone looked into this?
>>>>
>>>> Summary:
>>>>
>>>> SELinux is preventing access to files with the label, file_t.
>>>>
>>>> Detailed Description:
>>>>
>>>> SELinux permission checks on files labeled file_t are being denied.
>>>> file_t is
>>>> the context the SELinux kernel gives to files that do not have a label.
>>>> This
>>>> indicates a serious labeling problem. No files on an SELinux box should
>>>> ever be
>>>> labeled file_t. If you have just added a disk drive to the system you
>>>> can
>>>> relabel it using the restorecon command. For example if you saved the
>>>> home
>>>> directory from a previous installation that did not use SELinux,
>>>> 'restorecon -R
>>>> -v /home' will fix the labels. Otherwise you should relabel the entire
>>>> file
>>>> system.
>>>>
>>>> Allowing Access:
>>>>
>>>> You can execute the following command as root to relabel your computer
>>>> system:
>>>> "touch /.autorelabel; reboot"
>>>>
>>>> Additional Information:
>>>>
>>>> Source Context
>>>>  unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1
>>>>                               023
>>>> Target Context                unconfined_u:object_r:file_t:s0
>>>> Target Objects
>>>>  /livingcode/sandbox/riak/riak-0.12.0/rel/riak/lib/
>>>>                               erlang_js-0.4/priv/erlang_js_drv.so [ file
>>>> ]
>>>> Source                        beam.smp
>>>> Source Path
>>>> /livingcode/sandbox/riak/riak-0.12.0/rel/riak/erts
>>>>                               -5.8/bin/beam.smp
>>>> Port                          <Unknown>
>>>> Host                          sam.csslabs
>>>> Source RPM Packages
>>>> Target RPM Packages
>>>> Policy RPM                    selinux-policy-3.7.19-57.fc13
>>>> Selinux Enabled               True
>>>> Policy Type                   targeted
>>>> Enforcing Mode                Enforcing
>>>> Plugin Name                   file
>>>> Host Name                     sam.csslabs
>>>> Platform                      Linux sam.csslabs 2.6.34.7-56.fc13.i686 #1
>>>> SMP Wed
>>>>                               Sep 15 03:33:58 UTC 2010 i686 i686
>>>> Alert Count                   3
>>>> First Seen                    Wed 29 Sep 2010 01:42:12 PM IST
>>>> Last Seen                     Wed 29 Sep 2010 01:55:51 PM IST
>>>> Local ID                      fbfa8445-e6d3-42a8-9396-80d75f288650
>>>> Line Numbers
>>>>
>>>> Raw Audit Messages
>>>>
>>>> node=sam.csslabs type=AVC msg=audit(1285748751.47:24835): avc:  denied
>>>> {
>>>> execmod } for  pid=5633 comm="beam.smp"
>>>> path="/livingcode/sandbox/riak/riak-0.12.0/rel/riak/lib/erlang_js-0.4/priv/erlang_js_drv.so"
>>>> dev=dm-2 ino=6938
>>>> scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
>>>> tcontext=unconfined_u:object_r:file_t:s0 tclass=file
>>>>
>>>> node=sam.csslabs type=SYSCALL msg=audit(1285748751.47:24835):
>>>> arch=40000003 syscall=125 success=no exit=-13 a0=4b6000 a1=c0000 a2=5
>>>> a3=b60cfd50 items=0 ppid=5599 pid=5633 auid=500 uid=0 gid=0 euid=0
>>>> suid=0
>>>> fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts2 ses=1 comm="beam.smp"
>>>> exe="/livingcode/sandbox/riak/riak-0.12.0/rel/riak/erts-5.8/bin/beam.smp"
>>>> subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 key=(null)
>>>>
>>>>
>>>> """
>>>> Anyday...
>>>> Above the ground and vertical
>>>> ... is a good day!
>>>> """
>>>> http://megam.info
>>>> :)~
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> riak-users mailing list
>>>> riak-users at lists.basho.com
>>>> http://lists.basho.com/mailman/listinfo/riak-users_lists.basho.com
>>>>
>>>>
>>>
>>
>> _______________________________________________
>> riak-users mailing list
>> riak-users at lists.basho.com
>> http://lists.basho.com/mailman/listinfo/riak-users_lists.basho.com
>>
>>
> --
> Ke Zhu
> http://www.netvibes.com/shawnzhu
>

-- 
Sent from my mobile device




More information about the riak-users mailing list