
SELinux is preventing /usr/bin/bash from using the dac_override capability

Naan 2021. 8. 20. 09:44

SELinux is preventing /usr/bin/bash from using the dac_override capability

If you see an error like the one above, check the details that are logged along with it.

# journalctl -xe

SELinux is preventing /usr/bin/bash from using the dac_override capability.

    *****  Plugin dac_override (91.4 confidence) suggests   **********************

    If you want to help identify if domain needs this access or you have a file with the wrong permissions on your system
    Then turn on full auditing to get path information about the offending file and generate the error again.
    Do

    Turn on full auditing
    # auditctl -w /etc/shadow -p w
    Try to recreate AVC. Then execute
    # ausearch -m avc -ts recent
    If you see PATH record check ownership/permissions on file, and fix it,
    otherwise report as a bugzilla.

    *****  Plugin catchall (9.59 confidence) suggests   **************************

    If you believe that bash should have the dac_override capability by default.
    Then you should report this as a bug.
    You can generate a local policy module to allow this access.
    Do
    allow this access for now by executing:
    # ausearch -c 'mysqld_safe' --raw | audit2allow -M my-mysqldsafe
    # semodule -X 300 -i my-mysqldsafe.pp

This is what the error output looks like.

Run the following commands in order:

# auditctl -w /etc/shadow -p w

# ausearch -m avc -ts recent

# ausearch -c 'mysqld_safe' --raw | audit2allow -M my-mysqldsafe

# semodule -X 300 -i my-mysqldsafe.pp

After entering those, run

# systemctl restart mysql

and the service works normally again.
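Added example (not part of the original post): a Python script for the check the dac_override plugin output recommends once full auditing is on. It pairs each dac_override AVC with the PATH record of the same audit event, so the file's ownership and mode can be reviewed before the access is allowed through a local policy module. The audit records, path, IDs and field values below are constructed sample data.

```python
import re
import sys
from collections import defaultdict

# Constructed sample in the format of `ausearch -m avc -ts recent --raw` (not real logs).
SAMPLE = """\
type=AVC msg=audit(1629420240.123:456): avc:  denied  { dac_override } for  pid=1234 comm="mysqld_safe" capability=1  scontext=system_u:system_r:mysqld_safe_t:s0 tcontext=system_u:system_r:mysqld_safe_t:s0 tclass=capability permissive=0
type=PATH msg=audit(1629420240.123:456): item=0 name="/var/lib/mysql/example.err" inode=123 dev=fd:00 mode=0100640 ouid=27 ogid=27 rdev=00:00 obj=system_u:object_r:mysqld_db_t:s0 nametype=NORMAL
type=AVC msg=audit(1629420300.456:790): avc:  denied  { read } for  pid=1300 comm="example" name="other.conf" dev="dm-0" ino=99 scontext=system_u:system_r:example_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0
type=PATH msg=audit(1629420300.456:790): item=0 name="/etc/other.conf" inode=99 dev=fd:00 mode=0100644 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:etc_t:s0 nametype=NORMAL
"""

EVENT_ID = re.compile(r"msg=audit\((\d+\.\d+:\d+)\)")   # timestamp:serial ties records together
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')              # key=value or key="quoted value"

def dac_override_paths(raw):
    """Return PATH details for every audit event whose AVC denies dac_override."""
    events = defaultdict(list)
    for line in raw.splitlines():
        m = EVENT_ID.search(line)
        if m:
            events[m.group(1)].append(line)
    findings = []
    for lines in events.values():
        avc = [l for l in lines if l.startswith("type=AVC") and "{ dac_override }" in l]
        if not avc:
            continue  # some other denial; not what this page is about
        comm = dict(FIELD.findall(avc[0])).get("comm", "").strip('"')
        for l in lines:
            f = dict(FIELD.findall(l))
            if f.get("type") != "PATH" or "mode" not in f:
                continue  # PATH records without inode details carry no mode/owner
            findings.append({
                "comm": comm,
                "path": f["name"].strip('"'),
                "mode": format(int(f["mode"], 8) & 0o7777, "04o"),  # permission bits only
                "ouid": int(f["ouid"]),
                "ogid": int(f["ogid"]),
                # root commonly needs CAP_DAC_OVERRIDE when the file is not root-owned
                # and the group/other bits do not grant the access it wants
                "root_owned": int(f["ouid"]) == 0,
            })
    return findings

if __name__ == "__main__":
    raw = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    for finding in dac_override_paths(raw):
        print(finding)
```

On a live system, pipe `ausearch -m avc -ts recent --raw` into the script; if a PATH record appears, correcting that file's ownership or mode addresses the denial without a local policy module.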

 
