下载了CentOS 7的内核,准备编译一下,结果每次make都提示需要升级编译器,于是我编译安装了一个gcc 10,安装在了
/home/virtual/SoftwareLibrary中,结果重启后,系统就凉了,启动过程停在Host SMBus controller not enabled这句话
停在Host SMBus controller not enabled其实并不代表系统凉凉,按Ctrl+Alt+F2就可以切换到控制台模式。
登陆系统后,尝试ping命令,发现网络无问题,于是尝试启动ssh服务:
systemctl restart sshd
发现失败了,提示我用journalctl -xe查看日志。
在日志里发现了大量的失败:
Jun 17 22:23:45 localhost.localdomain sh[1151]: /usr/bin/abrt-dump-oops: error while loading shared libraries: libgcc_s.so.1: failed to map segment from shared object: Permission denied
Jun 17 22:23:45 localhost.localdomain sh[1151]: abrt-watch-log: Warning, '/usr/bin/abrt-dump-oops' did not process its input
Jun 17 22:23:45 localhost.localdomain setroubleshoot[1614]: SELinux is preventing /usr/bin/abrt-dump-xorg from execute access on the file /home/virtual/SoftwareLibrary/lib64/libgcc_s.so.1. For complete SELinux messages run: sealert -l 6e60010a-b78e-4de5-b3ec-126f46e60558
Jun 17 22:23:45 localhost.localdomain python[1614]: SELinux is preventing /usr/bin/abrt-dump-xorg from execute access on the file /home/virtual/SoftwareLibrary/lib64/libgcc_s.so.1.
***** Plugin catchall (100. confidence) suggests **************************
If you believe that abrt-dump-xorg should be allowed execute access on the libgcc_s.so.1 file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'abrt-dump-xorg' --raw | audit2allow -M my-abrtdumpxorg
# semodule -i my-abrtdumpxorg.pp
Jun 17 22:23:47 localhost.localdomain sh[1151]: /usr/bin/abrt-dump-oops: error while loading shared libraries: libgcc_s.so.1: failed to map segment from shared object: Permission denied
Jun 17 22:23:47 localhost.localdomain sh[1151]: abrt-watch-log: Warning, '/usr/bin/abrt-dump-oops' did not process its input
Jun 17 22:23:47 localhost.localdomain setroubleshoot[1614]: SELinux is preventing /usr/bin/abrt-dump-xorg from execute access on the file /home/virtual/SoftwareLibrary/lib64/libgcc_s.so.1. For complete SELinux messages run: sealert -l 6e60010a-b78e-4de5-b3ec-126f46e60558
Jun 17 22:23:47 localhost.localdomain python[1614]: SELinux is preventing /usr/bin/abrt-dump-xorg from execute access on the file /home/virtual/SoftwareLibrary/lib64/libgcc_s.so.1.
***** Plugin catchall (100. confidence) suggests **************************
If you believe that abrt-dump-xorg should be allowed execute access on the libgcc_s.so.1 file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'abrt-dump-xorg' --raw | audit2allow -M my-abrtdumpxorg
# semodule -i my-abrtdumpxorg.pp
Jun 17 22:23:49 localhost.localdomain sh[1151]: /usr/bin/abrt-dump-oops: error while loading shared libraries: libgcc_s.so.1: failed to map segment from shared object: Permission denied
Jun 17 22:23:49 localhost.localdomain sh[1151]: abrt-watch-log: Warning, '/usr/bin/abrt-dump-oops' did not process its input
Jun 17 22:23:49 localhost.localdomain setroubleshoot[1614]: SELinux is preventing /usr/bin/abrt-dump-xorg from execute access on the file /home/virtual/SoftwareLibrary/lib64/libgcc_s.so.1. For complete SELinux messages run: sealert -l 6e60010a-b78e-4de5-b3ec-126f46e60558
Jun 17 22:23:49 localhost.localdomain python[1614]: SELinux is preventing /usr/bin/abrt-dump-xorg from execute access on the file /home/virtual/SoftwareLibrary/lib64/libgcc_s.so.1.
***** Plugin catchall (100. confidence) suggests **************************
If you believe that abrt-dump-xorg should be allowed execute access on the libgcc_s.so.1 file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'abrt-dump-xorg' --raw | audit2allow -M my-abrtdumpxorg
# semodule -i my-abrtdumpxorg.pp
Jun 17 22:23:50 localhost.localdomain sudo[3429]: pam_unix(sudo:session): session closed for user root
Jun 17 22:23:50 localhost.localdomain setroubleshoot[1614]: SELinux is preventing /usr/bin/abrt-dump-xorg from execute access on the file /home/virtual/SoftwareLibrary/lib64/libgcc_s.so.1. For complete SELinux messages run: sealert -l 6e60010a-b78e-4de5-b3ec-126f46e60558
Jun 17 22:23:50 localhost.localdomain python[1614]: SELinux is preventing /usr/bin/abrt-dump-xorg from execute access on the file /home/virtual/SoftwareLibrary/lib64/libgcc_s.so.1.
***** Plugin catchall (100. confidence) suggests **************************
If you believe that abrt-dump-xorg should be allowed execute access on the libgcc_s.so.1 file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'abrt-dump-xorg' --raw | audit2allow -M my-abrtdumpxorg
# semodule -i my-abrtdumpxorg.pp
仔细研究,关键的一行是
SELinux is preventing /usr/bin/abrt-dump-xorg from execute access on the file /home/virtual/SoftwareLibrary/lib64/libgcc_s.so.1.
这不正好是我的gcc安装路径么?看来是系统启动的时候加载的模块在我的路径中,无法访问。
我用chmod将相关路径设为744,给了读权限,却还是失败,很疑惑。
于是我去/etc/ld.so.conf.d/中,将搜索路径/home/virtual/SoftwareLibrary/lib64/去掉,ldconfig后,再次systemctl restart sshd就成功了。看来gcc要安装在一个所有人都能访问的目录?