Não é possível adicionar o grupo na área de trabalho do RHEL

1

Pergunta : por que o groupadd falha aqui? Está relacionado ao SELinux ou talvez a um bug?

Eu encontrei o problema mv /etc/group+ /etc/group via strace groupadd ..

[root@notebook ~]# groupadd testing
groupadd: failure while writing changes to /etc/group
[root@notebook ~]# grep testing /var/log/audit/audit.log 
type=ADD_GROUP msg=audit(1465386369.617:2553): pid=4008 uid=0 auid=1001 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=add-group acct="testing" exe="/usr/sbin/groupadd" hostname=? addr=? terminal=pts/0 res=failed'
type=GRP_MGMT msg=audit(1465386369.618:2554): pid=4008 uid=0 auid=1001 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=adding-shadow-group acct="testing" exe="/usr/sbin/groupadd" hostname=? addr=? terminal=pts/0 res=failed'
type=ADD_GROUP msg=audit(1465386369.618:2555): pid=4008 uid=0 auid=1001 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=adding-group acct="testing" exe="/usr/sbin/groupadd" hostname=? addr=? terminal=pts/0 res=failed'
type=ADD_GROUP msg=audit(1465386369.618:2556): pid=4008 uid=0 auid=1001 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op= acct="testing" exe="/usr/sbin/groupadd" hostname=? addr=? terminal=pts/0 res=failed'
[root@notebook ~]# 
[root@notebook ~]# ls -Z /usr/sbin/groupadd
-rwxr-x---. root root unconfined_u:object_r:groupadd_exec_t:s0 /usr/sbin/groupadd
[root@notebook ~]# ls -Z /usr/bin/mv
-rwxr-xr-x. root root system_u:object_r:bin_t:s0       /usr/bin/mv
[root@notebook ~]# 
[root@notebook ~]# lsb_release -r
Release:    7.2
[root@notebook ~]# 
[root@notebook ~]# mv -f /etc/group+ /etc/group
mv: cannot move ‘/etc/group+’ to ‘/etc/group’: Device or resource busy
[root@notebook ~]# 
[root@notebook ~]# sestatus
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   enforcing
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      28
[root@notebook ~]# 
    
por LoukiosValentine79 08.06.2016 / 13:50

0 respostas