systemctl disable firewalld Failed to disable unit: Access denied

1、问题描述
无法禁用firewalld服务

[root@controller ~]# systemctl disable firewalld
Failed to disable unit: Access denied
[root@controller ~]# cat /etc/sudoers.d/stack
stack ALL=(ALL) NOPASSWD: ALL
[root@controller ~]# su - stack
[stack@controller ~]$ sudo systemctl disable firewalld.service
Failed to disable unit: Access denied

2、问题分析
可能是因为selinux是以Enforcing模式运行。这里我们查看下firewalld服务的selinux安全上下文。

可以看到selinux上下文是不一样的，前者为systemd_unit_file_t，后者为firewalld_unit_file_t

[root@controller multi-user.target.wants]# pwd
/etc/systemd/system/multi-user.target.wants
[root@controller multi-user.target.wants]# ll -Z /etc/systemd/system/multi-user.target.wants/firewalld.service
lrwxrwxrwx. 1 root root system_u:object_r:systemd_unit_file_t:s0 41 Jun 10 10:05 /etc/systemd/system/multi-user.target.wants/firewalld.service -> /usr/lib/systemd/system/firewalld.service
[root@controller multi-user.target.wants]# ll -Z /usr/lib/systemd/system/firewalld.service
-rw-r--r--. 1 root root system_u:object_r:firewalld_unit_file_t:s0 674 Aug  9  2021 /usr/lib/systemd/system/firewalld.service

3、问题解决
修改文件 /etc/systemd/system/multi-user.target.wants/firewalld.service 的 selinux安全上下文为 firewalld_unit_file_t

[root@controller ~]# chcon -R -t firewalld_unit_file_t /etc/systemd/system/multi-user.target.wants/firewalld.service
[root@controller ~]# ll -Z /etc/systemd/system/multi-user.target.wants/firewalld.service
lrwxrwxrwx. 1 root root system_u:object_r:firewalld_unit_file_t:s0 41 Jun 10 10:05 /etc/systemd/system/multi-user.target.wants/firewalld.service -> /usr/lib/systemd/system/firewalld.service

重启！！！！

4、重新禁用firewalld服务，问题解决！！！

[root@controller ~]# systemctl disable firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@controller ~]# getenforce
Enforcing

systemctl disable firewalld Failed to disable unit: Access denied相关推荐

Suse发生了错误Access denied for user #39;#39;@#39;localhost#39; toamp;
好久没实用MySQL了,上次由于装了Banq的论坛系统.在用MySQL Administrator进去的时候居然提示mysql error number 1045 access denied for ...
denied 虚拟机access_彻底解决Ubuntu SSH 无法远程登录及root 登录ACCESS Denied 问题
采用VM虚拟机安装了Ubuntu 16.04 ,采用SSH远程连接发现了两个问题(与Centos不一样). 第一,是SSH无法连接上刚建立的虚拟服务器. 原因是Ubuntu没有默认安装SSH服务,需要 ...
彻底解决Ubuntu SSH 无法远程登录及root 登录ACCESS Denied 问题
采用VM虚拟机安装了Ubuntu 16.04 ,采用SSH远程连接发现了两个问题(与Centos不一样). 第一,是SSH无法连接上刚建立的虚拟服务器. 原因是Ubuntu没有默认安装SSH服务,需要 ...
service mysqld start,Failed to start mysqld.service: Access denied
service mysqld start 然后报: ==== AUTHENTICATING FOR org.freedesktop.systemd1.manage-units === Authenti ...
Linux Centos8 Mysql启动（Active: failed (Result: exit-code)）及登录报错（ERROR 1045 (28000): Access denied ）
Linux Centos8 环境上启动mysql 启动报错如下: [root@MaxwellDBA ~]# systemctl start mysqld Job for mysqld.service ...
Failed to enable unit: Unit file docker.service does not exist
// 启动docker systemctl start docker Failed to start docker.service: Unit docker.service not founddnf ...
The request failed with HTTP status 401:Access Denied
症状当您尝试调用 Web 服务应用程序并且匿名访问身份验证处于关闭状态时,可能会收到以下错误信息. The request failed with HTTP status 401:Access D ...
如何解决SVN Commit failed (details follow): Access denied
遇到问题:因工作需求,今天去项目组备份svn虚拟机.当A同事看到我,说:"你是来备份svn的吧,那我抓紧还有点数据准备提及."想等他提交完了,我再开始备份. 问题来了:A同事拿U盘 ...
zabbix' failed: [1044] Access denied for user 'zab
环境: zabbix 3.4 Redhat 6.5 64 PHP 5.5 Mysql 5.6 Nginx 1.6 现象:登录zabbix后,提示service is not runing ,zabb ...

systemctl disable firewalld Failed to disable unit: Access denied

systemctl disable firewalld Failed to disable unit: Access denied相关推荐

最新文章

热门文章