您的位置:首页 > 大数据 > 人工智能

Failed to call ScheduleShutdown in logind, proceeding with immediate shutdown: Access denied

2015-11-30 13:05 627 查看
  装了fedora23后定时关机:sudo shutdown -h +60


Failed to call ScheduleShutdown in logind, proceeding with immediate shutdown: Access denied

journalctl | grep -i avc


Nov 26 12:26:57 RedBase audit[752]: AVC avc:  denied  { create } for  pid=752 comm="systemd-logind" name=".#scheduledKNqxuo" scontext=system_u:system_r:systemd_logind_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=file permissive=0


# sudo audit2why < /var/log/audit/audit.log

type=AVC msg=audit(1448512017.541:564): avc:  denied  { create } for  pid=752 comm="systemd-logind" name=".#scheduledKNqxuo" scontext=system_u:system_r:systemd_logind_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=file permissive=0

Was caused by:
Missing type enforcement (TE) allow rule.

You can use audit2allow to generate a loadable module to allow this access.


# cd /etc/selinux/targeted/policy
# grep systemd-logind /var/log/audit/audit.log | audit2allow -M mypol
# sudo semodule -i mypol.pp

  搞定,这样在当前目录下就生成了两个文件:mypol.pp mypol.te,看看:

# vim mypol.te

#============= systemd_logind_t ==============
allow systemd_logind_t init_var_run_t:file create;


# sestatus
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   enforcing
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      29
# shutdown -h +30
Shutdown scheduled for Mon 2015-11-30 13:31:26 CST, use 'shutdown -c' to cancel.

  Bingo!这样以后晚上工作没完成时,就可以让我的电脑多加一下班啦 :)
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 点击这里给我发消息