今天将/etc/selinux/config里面的配置改为了
SELINUXTYPE=targeted
然后发现这个节点就无法ssh上去了,报错如下
ssh和scp都报一样的错误,都是 unable to get valid context for root.
[root@slcm05adm01 ~]# ssh root@slcm05adm02
Unable to get valid context for root
Last login: Sat Jun 4 19:20:49 MDT 2022 from 10.154.101.159 on pts/0
Last login: Sat Jun 4 19:21:23 2022 from 10.245.169.42
Connection to slcm05adm02 closed.
[root@slcm05adm01 tmp]# scp selinux-policy-minimum-3.14.3-80.0.4.el8_5.20220103162716.fd3f3e4.2.noarch.rpm slcm05adm04:~/
Unable to get valid context for root
然后将node重启,发现也是重启失败,报错
Failed to load SELinux policy,freezing.
原因是因为没有安装rpm selinux-policy-minimum
在没有安装这个rpm的情况下不要修改这个参数为minimum
其真实原因可能是我写错了
把minimum写成了minunum
[root@slcm05adm04 selinux]# cat config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
#SELINUX=disabled
#SELINUX=enforcing
SELINUX=permissive
# SELINUXTYPE= can take one of these three values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
#SELINUXTYPE=targeted
SELINUXTYPE=minunum
#SELINUXTYPE=targeted