View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0017299 | CentOS-8 | selinux-policy | public | 2020-04-28 14:15 | 2020-04-29 04:27 |
| Reporter | Raven | Assigned To | |||
| Priority | normal | Severity | block | Reproducibility | sometimes |
| Status | new | Resolution | open | ||
| Product Version | 8.1.1911 | ||||
| Summary | 0017299: SELinux is preventing /usr/bin/mongod from read access on the file memory.limit_in_bytes. | ||||
| Description | SELinux is preventing /usr/bin/mongod from read access on the file memory.limit_in_bytes. This Error prevents mongodb from running. This is the second time i have fun into this error. The first time was immediately after a fresh install of CentOS8. Mongo was installed using "dnf install mongodb-org-4.2.6-1.el8.x86_64" and this error prevented mongo from running at all. In frustration and not being able to find a solution and using the suggested semodule command was not fixing the problem I reformatted and reinstalled CentOS8. This second time the error did not happen and i was able to get mongodb running and a test database imported and in use for 2 weeks. This morning i ran dnf update and now mongodb returns this same error when i try to start the service. # systemctl status mongod.service ● mongod.service - MongoDB Database Server Loaded: loaded (/usr/lib/systemd/system/mongod.service; enabled; vendor preset: disabled) Active: failed (Result: exit-code) since Tue 2020-04-28 08:07:00 CST; 11s ago Docs: https://docs.mongodb.org/manual Process: 3893 ExecStart=/usr/bin/mongod $OPTIONS (code=exited, status=14) Process: 3889 ExecStartPre=/usr/bin/chmod 0755 /var/run/mongodb (code=exited, status=0/SUCCESS) Process: 3888 ExecStartPre=/usr/bin/chown mongod:mongod /var/run/mongodb (code=exited, status=0/SUCCESS) Process: 3886 ExecStartPre=/usr/bin/mkdir -p /var/run/mongodb (code=exited, status=0/SUCCESS) Starting MongoDB Database Server... about to fork child process, waiting until server is ready for connections. forked process: 3897 ERROR: child process failed, exited with error number 14 To see additional information in this output, start without the "--fork" option. mongod.service: Control process exited, code=exited status=14 mongod.service: Failed with result 'exit-code'. Failed to start MongoDB Database Server. # journalctl -xe ***** Plugin catchall (100. confidence) suggests ************************** If you believe that mongod should be allowed read access on the memory.limit_in_bytes file by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # ausearch -c 'mongod' --raw | audit2allow -M my-mongod # semodule -X 300 -i my-mongod.pp | ||||
| Steps To Reproduce | I am currently preparing another machine to test and to try and reproduce yet again. But I have other work that requires this particular machine to remain as is for the short term. This is my second time having this error. Both instances are immediately after a fresh install or shortly after a fresh install of CentOS8 Mongodb was always installed from repo as listed above. | ||||
| Tags | No tags attached. | ||||
 |
It appears i missed this in the Mongo Documentation. I was thrown off as i was able to use the Database without alteration until updates were run. If SELinux is in enforcing mode, you must customize your SELinux policy for MongoDB as detailed on this mongodb manual page. https://docs.mongodb.com/manual/tutorial/install-mongodb-on-red-hat/ |
