我正在尝试安装并运行syslog-ng,但是我被阻塞了以下错误。
Error opening configuration file; filename='/etc/syslog-ng/syslog-ng.conf', error='Permission denied (13)' 我用sudo运行这个,文件和目录现在都有777权限。 我已经使用了strace,这是一个公开的电话,与EACCESS失败。 据我们所知,它不会变成另一个用户。
更新:按要求:strace输出
[edward.sargisson@apps-mgmt-fe1 syslog-ng]$ sudo strace -f -v -eopen /etc/init.d/syslog-ng start open("/etc/ld.so.cache", O_RDONLY) = 3 open("/lib64/libtermcap.so.2", O_RDONLY) = 3 open("/lib64/libdl.so.2", O_RDONLY) = 3 open("/lib64/libc.so.6", O_RDONLY) = 3 open("/dev/tty", O_RDWR|O_NONBLOCK) = 3 open("/usr/lib/locale/locale-archive", O_RDONLY) = 3 open("/proc/meminfo", O_RDONLY) = 3 open("/usr/lib64/gconv/gconv-modules.cache", O_RDONLY) = 3 open("/etc/init.d/syslog-ng", O_RDONLY) = 3 open("/etc/init.d/functions", O_RDONLY) = 3 Process 4802 attached (waiting for parent) Process 4802 resumed (parent 4801 ready) Process 4803 attached (waiting for parent) Process 4803 resumed (parent 4802 ready) Process 4802 suspended [pid 4803] open("/etc/ld.so.cache", O_RDONLY) = 3 [pid 4803] open("/lib64/libc.so.6", O_RDONLY) = 3 Process 4802 resumed Process 4803 detached [pid 4802] --- SIGCHLD (Child exited) @ 0 (0) --- Process 4802 detached --- SIGCHLD (Child exited) @ 0 (0) --- open("/etc/profile.d/lang.sh", O_RDONLY) = 3 open("/etc/sysconfig/i18n", O_RDONLY) = 3 open("/etc/sysconfig/init", O_RDONLY) = 3 open("/usr/share/locale/locale.alias", O_RDONLY) = 3 open("/usr/share/locale/en_US.UTF-8/LC_MESSAGES/initscripts.mo", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/share/locale/en_US.utf8/LC_MESSAGES/initscripts.mo", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/share/locale/en_US/LC_MESSAGES/initscripts.mo", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/share/locale/en.UTF-8/LC_MESSAGES/initscripts.mo", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/share/locale/en.utf8/LC_MESSAGES/initscripts.mo", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/share/locale/en/LC_MESSAGES/initscripts.mo", O_RDONLY) = -1 ENOENT (No such file or directory) open("/etc/sysconfig/syslog-ng", O_RDONLY) = 3 Process 4804 attached (waiting for parent) Process 4804 resumed (parent 4801 ready) Process 4801 suspended [pid 4804] open("/etc/ld.so.cache", O_RDONLY) = 3 [pid 4804] open("/lib64/libnsl.so.1", O_RDONLY) = 3 [pid 4804] open("/lib64/librt.so.1", O_RDONLY) = 3 [pid 4804] open("/lib64/libnet.so.1", O_RDONLY) = 3 [pid 4804] open("/lib64/libdl.so.2", O_RDONLY) = 3 [pid 4804] open("/lib64/libc.so.6", O_RDONLY) = 3 [pid 4804] open("/lib64/libpthread.so.0", O_RDONLY) = 3 [pid 4804] open("/etc/eventlog.conf", O_RDONLY) = -1 ENOENT (No such file or directory) [pid 4804] open("/etc/localtime", O_RDONLY) = 3 [pid 4804] open("/etc/syslog-ng/syslog-ng.conf", O_RDONLY) = -1 EACCES (Permission denied) Error opening configuration file; filename='/etc/syslog-ng/syslog-ng.conf', error='Permission denied (13)' Process 4801 resumed Process 4804 detached --- SIGCHLD (Child exited) @ 0 (0) ---
作为一个testing,我们将syslog-ng.conf移到了某个地方,并将其复制回来 – 这使得它工作,但没有任何帮助。 如果我使用厨师来replace文件,那么syslog-ng将不会启动。
好吧,原来这是一个与SELinux相关的问题。 只是为了logging,可以检查/var/log/audit/audit.log以获得与SELinux相关的事件,应该启动auditd来启用此日志。 有两种可能的解决scheme:禁用SELinux(不推荐)或创build允许访问此文件的自定义SELinux策略。 也许文件只是没有适当的安全上下文关联,那么自定义策略就不需要了。
发问者补充说:使用ls -Z我现在可以看到文件具有user_u:object_r:tmp_t的上下文user_u:object_r:tmp_t 。 我的猜测是,厨师从厨师服务器复制文件,并获得tmp_t上下文。 但是,该文件需要/etc etc_t的默认上下文。 厨师有一个selinux食谱似乎有适当的function来控制这一点。