[Linux-cluster] RHEL 5.3: Joining fence domain hangs when selinux is enabled

Paul Morgan jumanjiman at gmail.com
Wed Aug 12 18:14:36 UTC 2009

On Aug 12, 2009, at 12:26, Ian Hayes <cthulhucalling at gmail.com> wrote:

> I'm assuming that you're running the Targeted policy and not the  
> strict policy...
> RHEL5 has a module for ccs, but I haven't taken it apart. The files  
> for fencing may be incorrectly labeled or the policy doesn't allow  
> fenced to run correctly.
> Look at your /var/log/audit/audit.log files and see what's being  
> denied. You may want to install sealert and setroubleshootd so you  
> can browse the messages. First, check the file contexts of the files  
> that are appearing in your audit logs.  Nothing should be default_t.  
> If anything looks out of whack, try restoring the correct file  
> contexts with restorecon and see if the file contexts have changed.

Definitely run restorecon as suggested, but add a "-vv" option (two  
levels of verbosity) to see whether it's ignoring any customizable  
types. If so, run again and additionally use the -F option to force.


More information about the Linux-cluster mailing list