Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-24101

MongoDB needs excecution permission on ld.so.cache and locale-archive when running on SELinux

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major - P3
    • Resolution: Duplicate
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: Build
    • Labels:
      None
    • Operating System:
      ALL
    • Steps To Reproduce:
      Hide

      Install mongodb 3.2.5 on RHEL7 or FEDORA with SELinux set to enforcing.

      Show
      Install mongodb 3.2.5 on RHEL7 or FEDORA with SELinux set to enforcing.

      Description

      When trying to start mongod on RHEL 7 and FEDORA 23 with SELinux set to enforcing the following error occurs:

      Fai...
      Failed to start SYSV: Mongo is a scalable, document-oriented database..
      – Subject: Unit mongod.service has failed
      – Defined-By: systemd
      – Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel

      – Unit mongod.service has failed.

      – The result is failed.
      Unit mongod.service entered failed state.
      mongod.service failed.
      Unregistered Authentication Agent for unix-process:103456:24616645 (system bus name :1.1410, object path /org/freedesktop/PolicyK
      Successfully activated service 'org.fedoraproject.Setroubleshootd'
      Successfully activated service 'org.fedoraproject.Setroubleshootd'
      'list' object has no attribute 'split'
      setroubleshoot[103472]: Plugin Exception restorecon_source
      SELinux is preventing /usr/bin/mongod from execute access on the file /etc/ld.so.cache. For complete SELinux messages.
      SELinux is preventing /usr/bin/mongod from execute access on the file /etc/ld.so.cache.
      Plugin catchall (100. confidence) suggests **************************
      If you believe that mongod should be allowed execute access on the ld.so.cache file by default.
      Then you should report this as a bug.
      You can generate a local policy module to allow this access.
      Do
      allow this access for now by executing:
      grep mongod /var/log/audit/audit.log | audit2allow -M mypol
      semodule -i mypol.pp
      SELinux is preventing /usr/bin/mongod from execute access on the file /usr/lib/locale/locale-archive. For complete SELi
      SELinux is preventing /usr/bin/mongod from execute access on the file /usr/lib/locale/locale-archive.
      Plugin catchall (100. confidence) suggests **************************
      If you believe that mongod should be allowed execute access on the locale-archive file by default.
      Then you should report this as a bug.
      You can generate a local policy module to allow this access.
      Do
      allow this access for now by executing:
      grep mongod /var/log/audit/audit.log | audit2allow -M mypol
      semodule -i mypol.pp'

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                7 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: