重新启动之前修改了selinux的配置,disable selinux,估计多半是修改的时候哪里改错了。
在网上搜索了一下,解决方案是在系统启动时找到 linux16 那一行,在启动配置像里加一项selinux=0。具体做法是在启动页面,选择要启动的内核 按 E,结果我按了E后,找不到linux16那一行,仔细一看,还有个光标向下的箭头,接着向下按,找到了,改好后如图:
然后按ctrol+X,系统可以启动了,启动后检查配置文件/etc/selinux/config中的“SELINUX”参数的值:
错误非常明显,改成下面的就正常了:
$ cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of three values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
手工关闭方法如下:
[oracle@localhost ~]$ sudo sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: enforcing
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Max kernel policy version: 31
[oracle@localhost ~]$ sudo -i
[root@localhost ~]# setenforce
usage: setenforce [ Enforcing | Permissive | 1 | 0 ]
[root@localhost ~]# setenforce 0
[root@localhost ~]# sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: permissive
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Max kernel policy version: 31
