SELinux settings for MongoDB

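I am trying to install MongoDB on CentOS 7.2 from the mongodb.org repository. So far, this host has had a secondary disk (/mongo) created for all of the MongoDB data files. This conflicts with the SELinux permissions and prevents MongoDB from starting. I have gotten it running with setenforce 0, but that is not how I want to run a production server.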

I have a lot of Linux experience, but all of my SELinux experience consists of turning it off. I found this CentOS SELinux tutorial, which made me think that running

    [user@machine lib]$ sudo chcon -Rv --type mongod_var_lib_t /mongo
    changing security context of '/mongo/mongod.lock'
    changing security context of '/mongo/journal/WiredTigerLog.0000000001'
    changing security context of '/mongo/journal/WiredTigerPreplog.0000000001'
    changing security context of '/mongo/journal/WiredTigerPreplog.0000000002'
    changing security context of '/mongo/journal'
    changing security context of '/mongo/WiredTiger.lock'
    changing security context of '/mongo/WiredTiger'
    changing security context of '/mongo/WiredTiger.wt'
    changing security context of '/mongo/WiredTiger.turtle'
    changing security context of '/mongo/WiredTigerLAS.wt'
    changing security context of '/mongo/sizeStorer.wt'
    changing security context of '/mongo/_mdb_catalog.wt'
    changing security context of '/mongo/storage.bson'
    changing security context of '/mongo/collection-0-7567754672580995921.wt'
    changing security context of '/mongo/index-1-7567754672580995921.wt'
    changing security context of '/mongo/diagnostic.data/metrics.2016-04-14T06-51-54Z-00000'
    changing security context of '/mongo/diagnostic.data/metrics.interim'
    changing security context of '/mongo/diagnostic.data'
    changing security context of '/mongo'
    [user@machine lib]$ ls -Z /mongo
    -rw-r--r--. mongod mongod system_u:object_r:mongod_var_lib_t:s0 collection-0-7567754672580995921.wt
    drwxr-xr-x. mongod mongod system_u:object_r:mongod_var_lib_t:s0 diagnostic.data
    -rw-r--r--. mongod mongod system_u:object_r:mongod_var_lib_t:s0 index-1-7567754672580995921.wt
    drwxr-xr-x. mongod mongod system_u:object_r:mongod_var_lib_t:s0 journal
    -rw-r--r--. mongod mongod system_u:object_r:mongod_var_lib_t:s0 _mdb_catalog.wt
    -rw-r--r--. mongod mongod system_u:object_r:mongod_var_lib_t:s0 mongod.lock
    -rw-r--r--. mongod mongod system_u:object_r:mongod_var_lib_t:s0 sizeStorer.wt
    -rw-r--r--. mongod mongod system_u:object_r:mongod_var_lib_t:s0 storage.bson
    -rw-r--r--. mongod mongod system_u:object_r:mongod_var_lib_t:s0 WiredTiger
    -rw-r--r--. mongod mongod system_u:object_r:mongod_var_lib_t:s0 WiredTigerLAS.wt
    -rw-r--r--. mongod mongod system_u:object_r:mongod_var_lib_t:s0 WiredTiger.lock
    -rw-r--r--. mongod mongod system_u:object_r:mongod_var_lib_t:s0 WiredTiger.turtle
    -rw-r--r--. mongod mongod system_u:object_r:mongod_var_lib_t:s0 WiredTiger.wt

would solve the problem. Afterwards, I did a touch /.autorelabel and rebooted. Unfortunately, this did not solve the problem at hand. How would I go about solving this?

The current error is:

    [user@machine lib]$ systemctl status mongod
    ● mongod.service - SYSV: Mongo is a scalable, document-oriented database.
       Loaded: loaded (/etc/rc.d/init.d/mongod)
       Active: failed (Result: exit-code) since Thu 2016-04-14 09:02:54 CEST; 2s ago
         Docs: man:systemd-sysv-generator(8)
      Process: 2180 ExecStart=/etc/rc.d/init.d/mongod start (code=exited, status=1/FAILURE)

    Apr 14 09:02:54 LMG-TA-MONGO01.boolhosting.tld systemd[1]: Starting SYSV: Mongo is a scalable, document-oriented database....
    Apr 14 09:02:54 LMG-TA-MONGO01.boolhosting.tld runuser[2187]: pam_unix(runuser:session): session opened for user mongod by (uid=0)
    Apr 14 09:02:54 LMG-TA-MONGO01.boolhosting.tld runuser[2187]: pam_unix(runuser:session): session closed for user mongod
    Apr 14 09:02:54 LMG-TA-MONGO01.boolhosting.tld mongod[2180]: Starting mongod: [FAILED]
    Apr 14 09:02:54 LMG-TA-MONGO01.boolhosting.tld systemd[1]: mongod.service: control process exited, code=exited status=1
    Apr 14 09:02:54 LMG-TA-MONGO01.boolhosting.tld systemd[1]: Failed to start SYSV: Mongo is a scalable, document-oriented database..
    Apr 14 09:02:54 LMG-TA-MONGO01.boolhosting.tld systemd[1]: Unit mongod.service entered failed state.
    Apr 14 09:02:54 LMG-TA-MONGO01.boolhosting.tld systemd[1]: mongod.service failed.

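If you want to configure SELinux for Mongo the easy way, you can try audit2why on your /var/log/audit/audit.log to see which violations are being denied, and build a custom policy with audit2allow. It works in 80% of cases.

If you still have problems, run audit2why and fix the remaining issues manually. Maybe we can help you at that step.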
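To review what an audit2allow module would actually grant before loading it, the AVC denials for mongod can be summarised first. The following is an added example, not part of the original question or answer: the log records are constructed, and the `mongod_t` and `default_t` types in them are assumptions for illustration, not the asker's real denials.

```python
import re
from collections import defaultdict

# Constructed sample audit.log records (illustrative, not from the original post).
SAMPLE_AUDIT_LOG = """\
type=AVC msg=audit(1460617374.101:412): avc:  denied  { read } for  pid=2190 comm="mongod" name="mongo" dev="sdb1" ino=2 scontext=system_u:system_r:mongod_t:s0 tcontext=system_u:object_r:default_t:s0 tclass=dir
type=AVC msg=audit(1460617374.102:413): avc:  denied  { write } for  pid=2190 comm="mongod" name="mongod.lock" dev="sdb1" ino=12 scontext=system_u:system_r:mongod_t:s0 tcontext=system_u:object_r:default_t:s0 tclass=file
type=AVC msg=audit(1460617374.103:414): avc:  denied  { open } for  pid=2190 comm="mongod" path="/mongo/mongod.lock" dev="sdb1" ino=12 scontext=system_u:system_r:mongod_t:s0 tcontext=system_u:object_r:default_t:s0 tclass=file
type=AVC msg=audit(1460617380.001:420): avc:  denied  { getattr } for  pid=900 comm="sshd" path="/etc/x" dev="sda1" ino=5 scontext=system_u:system_r:sshd_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file
type=SYSCALL msg=audit(1460617374.103:414): arch=c000003e syscall=2 success=no exit=-13 comm="mongod"
"""

# Target types that indicate a missing or unmatched file label rather than
# a gap in the policy itself.
GENERIC_TYPES = {"default_t", "unlabeled_t"}

AVC_RE = re.compile(
    r'avc:\s+denied\s+\{ (?P<perms>[^}]+) \}.*?comm="(?P<comm>[^"]+)".*?'
    r'scontext=(?P<s>\S+) tcontext=(?P<t>\S+) tclass=(?P<cls>\S+)')

def selinux_type(context):
    """Return the type field of a user:role:type:level context string."""
    return context.split(":")[2]

def summarize_denials(log_text, comm="mongod"):
    """Group denied permissions by (source type, target type, class)."""
    rules = defaultdict(set)
    for line in log_text.splitlines():
        m = AVC_RE.search(line) if line.startswith("type=AVC") else None
        if m and m["comm"] == comm:
            key = (selinux_type(m["s"]), selinux_type(m["t"]), m["cls"])
            rules[key].update(m["perms"].split())
    return dict(rules)

def as_allow_rules(rules):
    """Render the grouped denials in the allow-rule form audit2allow emits."""
    return [f"allow {s} {t}:{c} {{ {' '.join(sorted(p))} }};"
            for (s, t, c), p in sorted(rules.items())]

def relabel_candidates(rules):
    """Denials better fixed by labelling the files than by a new allow rule."""
    return sorted(k for k in rules if k[1] in GENERIC_TYPES)

if __name__ == "__main__":
    found = summarize_denials(SAMPLE_AUDIT_LOG)
    print("\n".join(as_allow_rules(found)))
    print("relabel instead:", relabel_candidates(found))
```

A denial whose target type is `default_t` points at a labelling problem; a persistent file-context rule (`semanage fcontext` followed by `restorecon`) addresses that more narrowly than an allow rule covering every `default_t` file.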