SELinux missing oracleasm contexts -
preface...selinux not area of expertise...nor oracle. nevertheless have issue solve. seems file , executable contexts missing selinux implementation , use input on problem.
i had set selinux permissive create asm disks, infosec requires sel running. if reboot, disks cannot come online because sel blocks them.
the oracleasm contexts missing context file, come from?
[root@hostname files]# cat /etc/selinux/targeted/contexts/files/file_contexts|grep oracle /opt/(.*/)?oracle/(.*/)?libnnz.*\.so -- system_u:object_r:textrel_shlib_t:s0 /usr/lib(64)?/nagios/plugins/check_oracle -- system_u:object_r:nagios_services_plugin_exec_t:s0 /usr/lib/oracle(64)?/.*/lib/libclntsh\.so(\.[^/]*)* system_u:object_r:textrel_shlib_t:s0 /usr/lib/oracle/.*/lib/libnnz.*\.so -- system_u:object_r:textrel_shlib_t:s0 /usr/lib/oracle/.*/lib/libnnz10\.so -- system_u:object_r:textrel_shlib_t:s0 /usr/lib/oracle/xe/apps(/.*)? system_u:object_r:bin_t:s0
log info:
[root@hostname etc]# dmesg|grep oracleasm asm: oracleasmfs mounted options: <defaults> selinux: initialized (dev oracleasmfs, type oracleasmfs), not configured labeling asm: oracleasmfs mounted options: <defaults> selinux: initialized (dev oracleasmfs, type oracleasmfs), not configured labeling
similarly find in messages assume applies oracleasm executable.
file_contexts: invalid context system_u:object_r:oracleasm_exec_t:s0 [root@hostname etc]# ls -z /dev/oracleasm/disks brw-rw----. user1 grp1 system_u:object_r:unlabeled_t:s0 asm_data_01_d1_l21 brw-rw----. user1 grp1 system_u:object_r:unlabeled_t:s0 asm_data_01_d2_l22 brw-rw----. user1 grp1 system_u:object_r:unlabeled_t:s0 asm_data_01_d3_l23 brw-rw----. user1 grp1 system_u:object_r:unlabeled_t:s0 asm_data_01_d4_l24 brw-rw----. user1 grp1 system_u:object_r:unlabeled_t:s0 asm_fra_01_d1_l31 brw-rw----. user1 grp1 system_u:object_r:unlabeled_t:s0 asm_fra_01_d2_l32 brw-rw----. user1 grp1 system_u:object_r:unlabeled_t:s0 asm_fra_01_d3_l33 brw-rw----. user1 grp1 system_u:object_r:unlabeled_t:s0 asm_fra_01_d4_l34 brw-rw----. user1 grp1 system_u:object_r:unlabeled_t:s0 asm_sysaux_01_d1_l41 brw-rw----. user1 grp1 system_u:object_r:unlabeled_t:s0 asm_sysaux_01_d2_l42 brw-rw----. user1 grp1 system_u:object_r:unlabeled_t:s0 asm_sysaux_01_d3_l43 brw-rw----. user1 grp1 system_u:object_r:unlabeled_t:s0 asm_sysaux_01_d4_l44
try manually apply context:
[root@hoestname etc]# semanage fcontext -a -t oracleasmfs_t '/dev/oracleasm(/.*)?' /usr/sbin/semanage: type oracleasmfs_t invalid, must file or device type [root@hostname etc]# rpm -q oracleasmlib oracleasmlib-2.0.4-1.el6.x86_64 [root@hostname files]# lsmod|grep oracle oracleasm 53591 1 [root@hostname etc]# service oracleasm status checking if asm loaded: yes checking if /dev/oracleasm mounted: yes [root@hostname etc]# semodule -l|grep oracle oracleasm 1.0.0
please let me know if can present additional info. thanks.
Comments
Post a Comment