[lustre-discuss] Lustre client cannot access file system with SELinux enabled
Michael Watters
wattersm at watters.ws
Thu Dec 1 13:10:35 PST 2016
Hello,
I have a lustre client running CentOS 7.2 with lustre 2.8 which is
having issues accessing files on the lustre mount from Apache. There are
no AVC denials shown in the logs however Apache does show an error in
the logs as follows.
> AH00035: access to /repos/centos2/index.html denied (filesystem path
'/var/www/html/repos/centos2/index.html') because search permissions are
missing on a component of the path
I checked file permissions and they are fine. SELinux context is set to
unlabeled_t as shown by ls -lZ.
[root at srv1 pub]# ls -lZ
drwxrwxr-x. mirrmaid mirrmaid system_u:object_r:unlabeled_t:s0 centos
I attempted to chcon the files to allow apache access however that also
errors out.
[root at srv1 pub]# chcon -v r:httpd_sys_content_t:s0 centos/
changing security context of ‘centos/’
chcon: failed to change context of ‘centos/’ to
‘r:httpd_sys_content_t:s0’: Invalid argument
Does Lustre 2.8 support SELinux or should I simply turn SELinux off? Is
there a way to make SELinux labels work properly?
More information about the lustre-discuss
mailing list