更新时间:2022-05-15 08:28:59
因此,您可以使用audit2allow(yum install audit-libs-python audit-libs)来解决此问题.
So, you can fix this by using audit2allow (yum install audit-libs-python audit-libs).
SELinux日志到/var/log/audit/audit.log.如果您跟踪并捕获了重新启动Web服务(服务httpd restart)的输出,则可以通过audit2allow运行新输出,并创建一个模块以在selinux下安装...
SELinux logs to /var/log/audit/audit.log. If you tail and capture the output from restarting the web service (service httpd restart) you can then run the new output through audit2allow and make a module to install under selinux...
因此,假设您已将其捕获到名为"audit_tmp"的文件中:
So, assuming you have captured it into a file called "audit_tmp":
cat audit_tmp | audit2allow -D -M passenger
这将创建一个名为passenger.pp的文件,您可以使用以下文件进行应用:
This will create a file called passenger.pp which you can apply using:
semodule -i passenger.pp
这样做将阻止阻止乘客装载的第一件事-但请注意可能还会更多,因此您需要再次重复该过程,直到工作为止.我希望这是有道理的!
Doing this will unblock the first thing that was stopping passenger from loading - but be aware that there will probably be more so you will need to repeats the process again until it works. I hope that makes sense!