我的 centeron 使用 sshd 连接到我的服务器,其中一个用户没有设置密码。一后:
sealert -a /var/log/audit/audit.log
我申请 :
ausearch -c "sshd" --raw | audit2allow -M my-sshd
semodule -X 300 -i my-sshd.pp
但问题依然存在,centeron无法连接。
当前策略类型中允许无效的 AVC = AVC msg=audit(1684226954.617:1575992): avc: 拒绝 { read } for pid=16244 comm="sshd" name="authorized_keys" dev="dm-0" ino=1458525 scontext= system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:home_root_t:s0 tclass=文件许可=0
audit2allow -w -a
type=AVC msg=audit(1684224853.222:1574641): avc: denied { read } for pid=10255 comm="sshd" name="authorized_keys" dev="dm-0" ino=1458525 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:home_root_t:s0 tclass=file permissive=0
Was caused by:
Unknown - would be allowed by active policy
Possible mismatch between this policy and the one under which the audit message was generated.
Possible mismatch between current in-memory boolean settings vs. permanent ones.
有什么线索吗?谢谢