Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-24101

MongoDB needs excecution permission on ld.so.cache and locale-archive when running on SELinux

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major - P3
    • Resolution: Duplicate
    • None
    • None
    • Build
    • None
    • ALL
    • Hide

      Install mongodb 3.2.5 on RHEL7 or FEDORA with SELinux set to enforcing.

      Show
      Install mongodb 3.2.5 on RHEL7 or FEDORA with SELinux set to enforcing.

    Description

      When trying to start mongod on RHEL 7 and FEDORA 23 with SELinux set to enforcing the following error occurs:

      Fai...
      Failed to start SYSV: Mongo is a scalable, document-oriented database..
      – Subject: Unit mongod.service has failed
      – Defined-By: systemd
      – Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel

      – Unit mongod.service has failed.

      – The result is failed.
      Unit mongod.service entered failed state.
      mongod.service failed.
      Unregistered Authentication Agent for unix-process:103456:24616645 (system bus name :1.1410, object path /org/freedesktop/PolicyK
      Successfully activated service 'org.fedoraproject.Setroubleshootd'
      Successfully activated service 'org.fedoraproject.Setroubleshootd'
      'list' object has no attribute 'split'
      setroubleshoot[103472]: Plugin Exception restorecon_source
      SELinux is preventing /usr/bin/mongod from execute access on the file /etc/ld.so.cache. For complete SELinux messages.
      SELinux is preventing /usr/bin/mongod from execute access on the file /etc/ld.so.cache.
      Plugin catchall (100. confidence) suggests **************************
      If you believe that mongod should be allowed execute access on the ld.so.cache file by default.
      Then you should report this as a bug.
      You can generate a local policy module to allow this access.
      Do
      allow this access for now by executing:
      grep mongod /var/log/audit/audit.log | audit2allow -M mypol
      semodule -i mypol.pp
      SELinux is preventing /usr/bin/mongod from execute access on the file /usr/lib/locale/locale-archive. For complete SELi
      SELinux is preventing /usr/bin/mongod from execute access on the file /usr/lib/locale/locale-archive.
      Plugin catchall (100. confidence) suggests **************************
      If you believe that mongod should be allowed execute access on the locale-archive file by default.
      Then you should report this as a bug.
      You can generate a local policy module to allow this access.
      Do
      allow this access for now by executing:
      grep mongod /var/log/audit/audit.log | audit2allow -M mypol
      semodule -i mypol.pp'

      Attachments

        Issue Links

          duplicates

          Bug - A problem which impairs or prevents the functions of the product. SERVER-24117 Mongo binaries ELF stack has become executable

          • Critical - P2 - Crashes, loss of data, severe memory leak.
          • Closed
          is related to

          Bug - A problem which impairs or prevents the functions of the product. SERVER-23863 MongoDB v3.2.5 crash due to permission denied execmem - SELinux CentOS 7

          • Major - P3 - Major loss of function.
          • Closed

          Activity

            People

              Unassigned Unassigned
              oyvinmy Øyvind Myklatun
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: