环境:数字海洋水滴,CentOS 8
状态httpd_can_network_relay
设置为开启。但是默认设置为关闭。
$ sudo semanage boolean -l | grep httpd_can_network_relay
httpd_can_network_relay (on , off) Allow httpd to can network relay
但是当我尝试将默认值设置为开启时,出现了错误。我不确定该如何解决。
$ sudo setsebool httpd_can_network_relay 1 -P
libsepol.context_from_record: type systemd_sleep_exec_t is not defined
libsepol.context_from_record: could not create context structure
libsepol.context_from_string: could not create context structure
libsepol.sepol_context_to_sid: could not convert system_u:object_r:systemd_sleep_exec_t:s0 to sid
invalid context system_u:object_r:systemd_sleep_exec_t:s0
笔记: 所有 repos 均与 dnf 保持同步更新。
$ dnf repolist
appstream CentOS Linux 8 - AppStream
baseos CentOS Linux 8 - BaseOS
epel Extra Packages for Enterprise Linux 8 - x86_64
epel-modular Extra Packages for Enterprise Linux Modular 8 - x86_64
extras CentOS Linux 8 - Extras
nginx-stable nginx stable repo
nodesource Node.js Packages for Enterprise Linux 8 - x86_64
答案1
嗯。我能想到的唯一可能导致此问题的原因是磁盘上的 SELinux 策略已损坏。尝试重新安装它。
dnf reinstall "selinux-policy*"