{"id":167,"date":"2018-02-04T19:00:10","date_gmt":"2018-02-04T11:00:10","guid":{"rendered":"https:\/\/cloudbool.com\/archive\/?p=167"},"modified":"2018-02-04T19:00:10","modified_gmt":"2018-02-04T11:00:10","slug":"centos-7-disable-selinux","status":"publish","type":"post","link":"https:\/\/cloudbool.com\/archive\/centos-7-disable-selinux.html","title":{"rendered":"CentOS 7 \u7981\u7528SELinux"},"content":{"rendered":"<p>\u6309\u7167\u6d41\u7a0b\u5b89\u88c5\u597dCentOS7\u7cfb\u7edf\u4e4b\u540e\uff0c\u5982\u679c\u6ca1\u6ce8\u610f\uff0c\u7ecf\u5e38\u4f1a\u9047\u5230<strong><em>Permission denied<\/em><\/strong>\u9519\u8bef\uff0c\u90a3\u53ef\u80fd\u9700\u8981\u8003\u8651\u4e00\u4e0b\u662f\u4e0d\u662f\u56e0\u4e3aSELinux\u914d\u7f6e\u4e0d\u5f53\u5bfc\u81f4\u7684\u3002<br \/>\n<!--more--><br \/>\n\u6bd4\u5982\u8bf4\u4e0b\u9762\u8fd9\u4e2aNginx\u65e5\u5fd7\u4e2d\u8bb0\u5f55\u7684\u95ee\u9898\uff1a<\/p>\n<pre><code>2018\/01\/30 18:02:49 [crit] 951#951: *1 connect() to unix:\/run\/php-fpm\/php-fpm.sock failed (13: Permission denied) while connecting to upstream, client: 113.91.150.2, server: cloudbool.com, request: \"GET \/favicon.ico HTTP\/1.1\", upstream: \"fastcgi:\/\/unix:\/run\/php-fpm\/php-fpm.sock:\", host: \"cloudbool.com\", referrer: \"https:\/\/cloudbool.com\/archive\/\"\n<\/code><\/pre>\n<p>\u914d\u7f6eNginx\u7684\u65f6\u5019\uff0c\u8001\u662f\u62a5502\u9519\u8bef\uff0c\u6211\u786e\u8ba4\u6211\u540e\u7aefPHP-FPM\u914d\u7f6e\u6ca1\u6709\u95ee\u9898\uff0c\u76d1\u542c\u8def\u5f84\u4e5f\u662f\u6ca1\u95ee\u9898\uff0c\u4f46\u662f\u65e0\u8bba\u600e\u4e48\u8c03\u8bd5\uff0c\u600e\u4e48\u91cd\u542f\u90fd\u662f\u62a5502\uff0c\u8fd9\u4e0b\u771f\u662f\u767e\u601d\u4e0d\u5f97\u5176\u59d0\u3002<br \/>\n\u60f3\u6765\u60f3\u53bb\u8fd8\u662f\u67e5\u770bNginx\u65e5\u5fd7\uff0c\u7a81\u7136\uff0c\u4eceNginx\u53d1\u73b0\u4e86\u4e0a\u9762\u90a3\u6bb5\u8bb0\u5f55\uff0c\u65e5\u5fd7\u91cc\u5f88\u660e\u786e\u63d0\u793a\u4e86\uff0c\u8fde\u63a5\u4e0a\u6e38PHP-FPM\u7684\u65f6\u5019\u6743\u9650\u4e0d\u5141\u8bb8\uff0c\u4e8e\u662f\u6211\u67e5\u770b\u4e86Nginx\u548cPHP-FPM\u7684\u8fd0\u884c\u7528\u6237\uff0c\u53d1\u73b0\u662f\u4e00\u81f4\u7684\uff0c\u8fd9\u4e0b\u53ea\u80fd\u8003\u8651SELinux\u4e86\u3002<br \/>\n\u8bf4\u4e00\u4e0bSELinux\u8fd9\u4e1c\u897f\u3002<br \/>\n\u90fd\u8bf4SELinux\u5f88\u5389\u5bb3\u7684\u4e00\u4e2a\u5de5\u5177\uff0c\u4f46\u662f\u662f\u5728\u914d\u7f6e\u597d\u7684\u60c5\u51b5\u4e0b\uff0c\u6211\u7528\u4e86CentOS7\u8fd9\u4e48\u4e45\uff0c\u5c31\u6ca1\u89c1\u8c01\u8ba4\u771f\u7814\u7a76\u8fc7\u8fd9\u4e1c\u897f\uff0c\u5927\u5bb6\u90fd\u662f\u53ea\u77e5\u5176\u540d\uff0c\u6ca1\u89c1\u8c01\u7528\u8fc7\uff0c\u6211\u4e5f\u4e00\u6837\uff0c\u5b9e\u5728\u6ca1\u90a3\u4e48\u591a\u7cbe\u529b\u53bb\u7814\u7a76\uff0c\u5f00\u7740\u8fd8\u5e72\u6270\u6211\u4f7f\u7528\u670d\u52a1\u5668\uff0c\u53ea\u80fd\u8003\u8651\u5173\u95ed\u4e86\u3002<br \/>\n\u67e5\u770bSELiunx\u72b6\u6001\uff1a<\/p>\n<pre><code>sestatus\n<\/code><\/pre>\n<p>\u5982\u679c\u7ed3\u679c\u4e0d\u662f<strong><em>disabled<\/em><\/strong>\uff0c\u5219\u8bf4\u660e\u5f53\u524dSELinux\u662f\u5f00\u7740\u7684\uff0c\u6211\u4eec\u9700\u8981\u66f4\u6539\u914d\u7f6e\u6587\u4ef6\u5c06\u5176\u6c38\u4e45\u5173\u95ed\uff1a<\/p>\n<pre><code>vim \/etc\/selinux\/config\n# This file controls the state of SELinux on the system.\n# SELINUX= can take one of these three values:\n#     enforcing - SELinux security policy is enforced.\n#     permissive - SELinux prints warnings instead of enforcing.\n#     disabled - No SELinux policy is loaded.\nSELINUX=disabled  # \u5c06\u8fd9\u884c\u6539\u4e3adisabled\n# SELINUXTYPE= can take one of three two values:\n#     targeted - Targeted processes are protected,\n#     minimum - Modification of targeted policy. Only selected processes are protected.\n#     mls - Multi Level Security protection.\nSELINUXTYPE=targeted\n<\/code><\/pre>\n<p>\u5c06\u4e0a\u9762<strong><em>SELINUX<\/em><\/strong>\u6539\u4e3adisabled\uff0c\u7136\u540e\u91cd\u542f\u7cfb\u7edf\u5c31\u597d\u4e86\u3002<br \/>\n\u4e4b\u524d\u662f\u8bf4\u6709\u4e2a\u4e34\u65f6\u5173\u95edSELinux\u7684\u547d\u4ee4\uff0c\u4f46\u662f\u6211\u53d1\u73b0\uff0c\u4ece\u67d0\u4e2a\u7cfb\u7edf\u7248\u672c\u5f00\u59cb\uff0c\u90a3\u4e2a\u547d\u4ee4\u6b7b\u6d3b\u4e0d\u80fd\u4e34\u65f6\u5173\u95ed\uff0c\u6682\u65f6\u53d1\u73b0\u53ea\u80fd\u8fd9\u4e48\u6c38\u4e45\u5173\u95ed\u4e86\u3002\u547d\u4ee4\u5982\u4e0b\uff1a<\/p>\n<pre><code>setenforce 0\n<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"<p>\u6309\u7167\u6d41\u7a0b\u5b89\u88c5\u597dCentOS7\u7cfb\u7edf\u4e4b\u540e\uff0c\u5982\u679c\u6ca1\u6ce8\u610f\uff0c\u7ecf\u5e38\u4f1a\u9047\u5230Permission denied\u9519\u8bef\uff0c\u90a3\u53ef\u80fd\u9700\u8981 &hellip;<\/p>\n<p class=\"read-more\"> <a class=\"\" href=\"https:\/\/cloudbool.com\/archive\/centos-7-disable-selinux.html\"> <span class=\"screen-reader-text\">CentOS 7 \u7981\u7528SELinux<\/span> \u67e5\u770b\u5168\u6587 &raquo;<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""}},"footnotes":""},"categories":[182],"tags":[17,211],"class_list":["post-167","post","type-post","status-publish","format-standard","hentry","category-linux","tag-centos","tag-selinux"],"_links":{"self":[{"href":"https:\/\/cloudbool.com\/archive\/wp-json\/wp\/v2\/posts\/167","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cloudbool.com\/archive\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cloudbool.com\/archive\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cloudbool.com\/archive\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cloudbool.com\/archive\/wp-json\/wp\/v2\/comments?post=167"}],"version-history":[{"count":0,"href":"https:\/\/cloudbool.com\/archive\/wp-json\/wp\/v2\/posts\/167\/revisions"}],"wp:attachment":[{"href":"https:\/\/cloudbool.com\/archive\/wp-json\/wp\/v2\/media?parent=167"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cloudbool.com\/archive\/wp-json\/wp\/v2\/categories?post=167"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cloudbool.com\/archive\/wp-json\/wp\/v2\/tags?post=167"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}