-2
我的系統是fedora 23.cron selinux安全上下文問題
試圖運行被/ etc/crontab中的selinux阻止的cronjob。
的crontab中* * * * sun,mon,tue,wed,thu,fri,sat root DISPLAY=:0 eog $HOME/Pictures/somepic.jpg
方面:
-rw-r--r--. 1 root root unconfined_u:object_r:etc_t:s0 2664 Jan 23 18:12 /etc/crontab
如果我運行許可模式的SELinux,作業運行每次。
這裏是在 '強制模式' 爲crond的日記帳分錄:
-- Logs begin at Wed 2016-01-20 10:40:21 PST. --
Jan 23 18:25:01 localhost.localdomain CROND[20342]: (root) CMDOUT (/bin/sh: root: command not found)
Jan 23 18:25:25 localhost.localdomain crond[938]: (CRON) INFO (Shutting down)
Jan 23 18:25:25 localhost.localdomain crond[18645]: (CRON) INFO (Syslog will be used instead of sendmail.)
Jan 23 18:25:25 localhost.localdomain crond[18645]: (CRON) INFO (RANDOM_DELAY will be scaled with factor 12% if used.)
Jan 23 18:25:25 localhost.localdomain crond[18645]: ((null)) Unauthorized SELinux context=system_u:system_r:system_cronjob_t:s0-s0:c0.c1023 file_context=unconfined_u:object_r:etc_t:s0 (/etc/crontab)
Jan 23 18:25:25 localhost.localdomain crond[18645]: (root) FAILED (loading cron table)
Jan 23 18:25:25 localhost.localdomain crond[18645]: (root) Unauthorized SELinux context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 file_context=unconfined_u:object_r:user_cron_spool_t:s0 (/var/spool/cron/root)
Jan 23 18:25:25 localhost.localdomain crond[18645]: (root) FAILED (loading cron table)
Jan 23 18:25:25 localhost.localdomain crond[18645]: (CRON) INFO (running with inotify support)
Jan 23 18:25:25 localhost.localdomain crond[18645]: (CRON) INFO (@reboot jobs will be run at computer's startup.)
sebool設置:
cron_can_relabel --> off
cron_system_cronjob_use_shares --> off
cron_userdomain_transition --> on
fcron_crond --> off
1)你爲什麼運行作業爲根?你想要訪問的文件到底在哪裏? 2)這到底是什麼:「太陽,星期一,星期三,星期四,星期五,星期五,星期五」? – Jakuje