參考網站:鳥哥的 Linux 私房菜 — 程序管理與 SELinux 初探
使用 audit2why 工具
auditd 會將 SELinux 發生的錯誤資訊寫入 /var/log/audit/audit.log
CentOS 7.x
# systemctl list-unit-files | grep audit
auditd.service enabled
CentOS 6.x
# chkconfig –list | grep audit
auditd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[@more@]
# /usr/bin/audit2why < /var/log/audit/audit.log
Was caused by:
The boolean httpd_unified was set incorrectly.
Description:
Allow httpd to unified
Allow access by executing:
# setsebool -P httpd_unified 1
解決方式:
# setsebool -P httpd_unified 1