maxent是我們的系統用最大熵做關鍵字提取時用到的一個庫。今天上午查看系統日誌的時候,發現有一個SELinux的報警:
Apr 3 04:57:49 nserver setroubleshoot: SELinux is preventing /usr/local/bin/python from loading /usr/local/lib/python2.5/site-packages/maxent/_cmaxent.so which requires text relocation. For complete SELinux messages. run sealert -l 6c940625-07c7-4f49-87a5-8f06b9361590
執行sealert -l 6c940625-07c7-4f49-87a5-8f06b9361590看到的詳細信息如下:
Summary
SELinux is preventing /usr/local/bin/python from loading
/usr/local/lib/python2.5/site-packages/maxent/_cmaxent.so which requires
text relocation.
Detailed Description
The /usr/local/bin/python application attempted to load
/usr/local/lib/python2.5/site-packages/maxent/_cmaxent.so which requires
text relocation. This is a potential security problem. Most libraries do
not need this permission. Libraries are sometimes coded incorrectly and
request this permission. The http://people.redhat.com/drepper/selinux-
mem.html web page explains how to remove this requirement. You can
configure SELinux temporarily to allow /usr/local/lib/python2.5/site-
packages/maxent/_cmaxent.so to use relocation as a workaround, until the
library is fixed. Please file a
http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package.
Allowing Access
If you trust /usr/local/lib/python2.5/site-packages/maxent/_cmaxent.so to
run correctly, you can change the file context to textrel_shlib_t. "chcon -t
textrel_shlib_t /usr/local/lib/python2.5/site-packages/maxent/_cmaxent.so"
The following command will allow this access:
chcon -t textrel_shlib_t /usr/local/lib/python2.5/site-packages/maxent/_cmaxent.so
可能是maxent的Python Wrapper的問題吧。按提示執行了chcon -t textrel_shlib_t /usr/local/lib/python2.5/site-packages/maxent/_cmaxent.so,回頭再看看