Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-24101

MongoDB needs excecution permission on ld.so.cache and locale-archive when running on SELinux

    • Type: Icon: Bug Bug
    • Resolution: Duplicate
    • Priority: Icon: Major - P3 Major - P3
    • None
    • Affects Version/s: None
    • Component/s: Build
    • None
    • ALL
    • Hide

      Install mongodb 3.2.5 on RHEL7 or FEDORA with SELinux set to enforcing.

      Show
      Install mongodb 3.2.5 on RHEL7 or FEDORA with SELinux set to enforcing.

      When trying to start mongod on RHEL 7 and FEDORA 23 with SELinux set to enforcing the following error occurs:

      Fai...
      Failed to start SYSV: Mongo is a scalable, document-oriented database..
      – Subject: Unit mongod.service has failed
      – Defined-By: systemd
      – Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel

      – Unit mongod.service has failed.

      – The result is failed.
      Unit mongod.service entered failed state.
      mongod.service failed.
      Unregistered Authentication Agent for unix-process:103456:24616645 (system bus name :1.1410, object path /org/freedesktop/PolicyK
      Successfully activated service 'org.fedoraproject.Setroubleshootd'
      Successfully activated service 'org.fedoraproject.Setroubleshootd'
      'list' object has no attribute 'split'
      setroubleshoot[103472]: Plugin Exception restorecon_source
      SELinux is preventing /usr/bin/mongod from execute access on the file /etc/ld.so.cache. For complete SELinux messages.
      SELinux is preventing /usr/bin/mongod from execute access on the file /etc/ld.so.cache.
      Plugin catchall (100. confidence) suggests **************************
      If you believe that mongod should be allowed execute access on the ld.so.cache file by default.
      Then you should report this as a bug.
      You can generate a local policy module to allow this access.
      Do
      allow this access for now by executing:
      grep mongod /var/log/audit/audit.log | audit2allow -M mypol
      semodule -i mypol.pp
      SELinux is preventing /usr/bin/mongod from execute access on the file /usr/lib/locale/locale-archive. For complete SELi
      SELinux is preventing /usr/bin/mongod from execute access on the file /usr/lib/locale/locale-archive.
      Plugin catchall (100. confidence) suggests **************************
      If you believe that mongod should be allowed execute access on the locale-archive file by default.
      Then you should report this as a bug.
      You can generate a local policy module to allow this access.
      Do
      allow this access for now by executing:
      grep mongod /var/log/audit/audit.log | audit2allow -M mypol
      semodule -i mypol.pp'

            Assignee:
            Unassigned Unassigned
            Reporter:
            oyvinmy Øyvind Myklatun
            Votes:
            0 Vote for this issue
            Watchers:
            7 Start watching this issue

              Created:
              Updated:
              Resolved: