[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Linux-cluster] RHEL 5.3: Joining fence domain hangs when selinux is enabled





On Aug 12, 2009, at 12:26, Ian Hayes <cthulhucalling gmail com> wrote:

I'm assuming that you're running the Targeted policy and not the strict policy...

RHEL5 has a module for ccs, but I haven't taken it apart. The files for fencing may be incorrectly labeled or the policy doesn't allow fenced to run correctly.

Look at your /var/log/audit/audit.log files and see what's being denied. You may want to install sealert and setroubleshootd so you can browse the messages. First, check the file contexts of the files that are appearing in your audit logs. Nothing should be default_t. If anything looks out of whack, try restoring the correct file contexts with restorecon and see if the file contexts have changed.

Definitely run restorecon as suggested, but add a "-vv" option (two levels of verbosity) to see whether it's ignoring any customizable types. If so, run again and additionally use the -F option to force.

Hth,
-paul


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]