解决SELINUX限制quota的问题

*****  Plugin catchall_labels (83.8 confidence) suggests  ********************

If you want to allow quotacheck to have write access on the quotadisk directory
Then you need to change the label on /quotadisk
Do
# semanage fcontext -a -t FILE_TYPE '/quotadisk' <=执行此命令,要把FILE_TYPE换成下面的一种
where FILE_TYPE is one of the following:boot_t, root_t, tmp_t, usr_t, var_t, mail_spool_t, etc_t, mqueue_spool_t, var_spool_t, home_root_t.
Then execute:
restorecon -v '/quotadisk'


*****  Plugin catchall (17.1 confidence) suggests  ***************************

If you believe that quotacheck should be allowed write access on the quotadisk directory by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep quotacheck /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp
---------------------------------------------------------------

相关推荐