Monday, May 16, 2016

Kernel Policy Modules

After installing Lighttpd, we kept getting an error:

Lighttpd doesn't start - selinux

Lighttpd doesn't start due to a conflict with file descriptors:

Issue
# /etc/init.d/lighttpd restart
Stopping lighttpd:                                         [FAILED]
Starting lighttpd: 2012-06-03 00:57:12: (server.c.722) couldn't set 'max filedescriptors' Permission denied
                                                           [FAILED]

The process is being started as user lighttpd, and of course has no permissions to set file descriptors, which is the essence of the problem.

The fix for this, is to install seutils.

Solution:

Install SE utils

yum install policycoreutils-python
Create SELinux module to allow lighttpd to set its own open file descriptors limit
/usr/sbin/semodule -DB
# /etc/init.d/auditd restart
Stopping auditd:                                           [  OK  ]
Starting auditd:                                           [  OK  ]
#grep lighttpd /var/log/audit/audit.log | audit2allow -M lighttpdmaxfds
#/usr/sbin/semodule -i lighttpdmaxfds.pp 
 # /etc/init.d/lighttpd restart
Stopping lighttpd:                                         [FAILED]
Starting lighttpd:                                         [  OK  ]
# /usr/sbin/semodule -B
at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

AI / ML - Feature Engineering - Interaction Features

I added some new macro features to my model - credit card debt, credit card delinquency, and unemployment data. Some of these were VERY infl...