19,612
社区成员
发帖
与我相关
我的任务
分享setroubleshootd已死,但pid文件仍存
对selinux的工作原理还没搞清,在虚拟机上实验
今天查看日志
cat /var/log/messages | grep setroubleshoot
后,按照其中一条信息,使用
sealert -l d0bfa516-f5db-42f2-9683-3d01dfc561e5
查看相信报错时,出现错误提示:
failed to connect to server: Connection refused。
显示为连接服务器失败。于是查看setroubleshoot服务,显示
setroubleshootd已死,但pid文件仍存。
手动重启或停止setroubleshoot服务均失败。
查看setroubleshoot在messages中的日志信息,发现原本提示信息都正常,在nov 5 12:57:16的时候开始报程序错误。不知道是怎么一回事?
Nov 5 11:44:26 new setroubleshoot: SELinux is preventing lsnrctl from loading /u01/app/oracle/product/11.2.0/dbhome_1/lib/libclntsh.so.11.1 which requires text relocation. For complete SELinux messages. run sealert -l 06d28197-111a-421d-81ff-f4b1e8c43412
Nov 5 12:56:46 new setroubleshoot: SELinux is preventing 0logwatch (logwatch_t) "sys_resource" to <未知的> (logwatch_t). For complete SELinux messages. run sealert -l f06034fe-2674-407b-b888-8695b3c1191d
Nov 5 12:57:16 new setroubleshoot: [program.ERROR] setroubleshoot generated AVC, exiting to avoid recursion, context=system_u:system_r:setroubleshootd_t:s0, AVC scontext=system_u:system_r:setroubleshootd_t:s0
Nov 5 12:57:16 new setroubleshoot: [program.ERROR] audit event host=new type=AVC msg=audit(1383627436.406:56): avc: denied { sys_resource } for pid=4706 comm="setroubleshootd" capability=24 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:system_r:setroubleshootd_t:s0 tclass=capability host=new type=SYSCALL msg=audit(1383627436.406:56): arch=40000003 syscall=4 success=yes exit=12288 a0=c a1=9e7c6f4 a2=3000 a3=3000 items=0 ppid=1 pid=4706 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="setroubleshootd" exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0 key=(null)
今天查看日志
cat /var/log/messages | grep setroubleshoot
后,按照其中一条信息,使用
sealert -l d0bfa516-f5db-42f2-9683-3d01dfc561e5
查看相信报错时,出现错误提示:
failed to connect to server: Connection refused。
显示为连接服务器失败。于是查看setroubleshoot服务,显示
setroubleshootd已死,但pid文件仍存。
手动重启或停止setroubleshoot服务均失败。
查看setroubleshoot在messages中的日志信息,发现原本提示信息都正常,在nov 5 12:57:16的时候开始报程序错误。不知道是怎么一回事?
Nov 5 11:44:26 new setroubleshoot: SELinux is preventing lsnrctl from loading /u01/app/oracle/product/11.2.0/dbhome_1/lib/libclntsh.so.11.1 which requires text relocation. For complete SELinux messages. run sealert -l 06d28197-111a-421d-81ff-f4b1e8c43412
Nov 5 12:56:46 new setroubleshoot: SELinux is preventing 0logwatch (logwatch_t) "sys_resource" to <未知的> (logwatch_t). For complete SELinux messages. run sealert -l f06034fe-2674-407b-b888-8695b3c1191d
Nov 5 12:57:16 new setroubleshoot: [program.ERROR] setroubleshoot generated AVC, exiting to avoid recursion, context=system_u:system_r:setroubleshootd_t:s0, AVC scontext=system_u:system_r:setroubleshootd_t:s0
Nov 5 12:57:16 new setroubleshoot: [program.ERROR] audit event host=new type=AVC msg=audit(1383627436.406:56): avc: denied { sys_resource } for pid=4706 comm="setroubleshootd" capability=24 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:system_r:setroubleshootd_t:s0 tclass=capability host=new type=SYSCALL msg=audit(1383627436.406:56): arch=40000003 syscall=4 success=yes exit=12288 a0=c a1=9e7c6f4 a2=3000 a3=3000 items=0 ppid=1 pid=4706 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="setroubleshootd" exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0 key=(null)
...全文
请发表友善的回复…
发表回复
richard_shi10 2013-11-11
- 打赏
- 举报
基本看不懂,需要学习的太多啦
