[Linux-cluster] RHEL 5.3: Joining fence domain hangs when selinux is enabled
Paul Morgan
jumanjiman at gmail.com
Wed Aug 12 18:14:36 UTC 2009
On Aug 12, 2009, at 12:26, Ian Hayes <cthulhucalling at gmail.com> wrote:
> I'm assuming that you're running the Targeted policy and not the
> strict policy...
>
> RHEL5 has a module for ccs, but I haven't taken it apart. The files
> for fencing may be incorrectly labeled or the policy doesn't allow
> fenced to run correctly.
>
> Look at your /var/log/audit/audit.log files and see what's being
> denied. You may want to install sealert and setroubleshootd so you
> can browse the messages. First, check the file contexts of the files
> that are appearing in your audit logs. Nothing should be default_t.
> If anything looks out of whack, try restoring the correct file
> contexts with restorecon and see if the file contexts have changed.
Definitely run restorecon as suggested, but add a "-vv" option (two
levels of verbosity) to see whether it's ignoring any customizable
types. If so, run again and additionally use the -F option to force.
Hth,
-paul
More information about the Linux-cluster
mailing list