Linux 高级安全SELinux的关闭
Linux有一个高级安全组件,如果开启会输出打了的日志文件messages.如下:
导致/var/log/messages 达到11g
root@cpp11 ~]# df
-l
文件系统
1K-块 已用 可用 已用%
挂载点
/dev/cciss/c0d0p5 14877060
12559852 1549304 90%
/
/dev/cciss/c0d0p6 9920592
2951964 6456560 32%
/usr
/dev/cciss/c0d0p2 236533252 8872680
215451576 4%
/home
/dev/cciss/c0d0p1
497829 31091 441036 7%
/boot
tmpfs
4087756 0
4087756 0% /dev/shm
-rw------- 1 root root 11552168167 04-30 09:56 messages
Apr 30 10:17:38 cpp11 setroubleshoot: SELinux
is preventing /sbin/ifconfig (ifconfig_t) "read write" to socket:[15913]
(initrc_t). For complete SELinux messages. run
sealert -l 692945d4-87c8-4885-b6c7-9f58bb7feeae
Apr 30 10:17:38 cpp11
setroubleshoot: SELinux is preventing
/sbin/ethtool (ifconfig_t) "read write" to socket:[15913]
(initrc_t). For complete SELinux messages. run
sealert -l 692945d4-87c8-4885-b6c7-9f58bb7feeae
Apr 30 10:17:51 cpp11
snmpd[3461]: Connection from UDP: [127.0.0.1]:50693
Apr 30 10:17:51 cpp11
snmpd[3461]: Received SNMP packet(s) from UDP: [127.0.0.1]:50693
Apr 30
10:18:06 cpp11 snmpd[3461]: Connection from UDP: [127.0.0.1]:50696
Apr 30
10:18:06 cpp11 snmpd[3461]: Received SNMP packet(s) from UDP: [127.0.0.1]:50696
Apr 30 10:18:08 cpp11 setroubleshoot: SELinux
is preventing /sbin/ethtool (ifconfig_t) "read write" to socket:[15913]
(initrc_t). For complete SELinux messages. run
sealert -l 692945d4-87c8-4885-b6c7-9f58bb7feeae
Apr 30 10:18:08 cpp11
setroubleshoot: SELinux is preventing
/sbin/ifconfig (ifconfig_t) "read write" to socket:[15913]
(initrc_t). For complete SELinux messages. run
sealert -l 692945d4-87c8-4885-b6c7-9f58bb7feeae
Apr 30 10:18:08 cpp11 last
message repeated 2 times
Apr 30 10:18:08 cpp11
setroubleshoot: SELinux is preventing
/sbin/ethtool (ifconfig_t) "read write" to socket:[15913]
(initrc_t). For complete SELinux messages. run
sealert -l 692945d4-87c8-4885-b6c7-9f58bb7feeae
Apr 30 10:18:08 cpp11
setroubleshoot: SELinux is preventing
/sbin/ifconfig (ifconfig_t) "read write" to socket:[15913]
(initrc_t). For complete SELinux messages. run
sealert -l 692945d4-87c8-4885-b6c7-9f58bb7feeae
解决方法:关闭SELinux