The chcp command displays or configures the active code page number. The cd command is the shorthand version of the chdir command. The call command is used to run a script or batch program from within another script or batch program. The cacls command is used to display or change access control lists of files. The break command sets or clears extended CTRL+C checking on DOS systems. The bootcfg command is used to build, modify, or view the contents of the boot.ini file, a hidden file that is used to identify in what folder, on which partition, and on which hard drive Windows is located. The attrib command is used to change the attributes of a single file or a directory. The atmadm command is used to display information related to asynchronous transfer mode (ATM) connections on the system. The at command is used to schedule commands and other programs to run at a specific date and time. The assoc command is used to display or change the file type associated with a particular file extension. The arp command is used to display or change entries in the ARP cache. The append command is not available in 64-bit versions of Windows XP. Type=SYSCALL msg=audit(1423571712.The append command can be used by programs to open files in another directory as if they were located in the current directory. Type=AVC msg=audit(1423571712.831:708): avc: denied for pid=7340 comm="shutdown" capability=24 scontext=system_u:system_r:apmd_t:s0 tcontext=system_u:system_r:apmd_t:s0 tclass=capability permissive=0 Platform Linux localhost.localdomain 3.18.86_64 Target Context system_u:system_r:apmd_t:s0 Source Context system_u:system_r:apmd_t:s0 # grep shutdown /var/log/audit/audit.log | audit2allow -M mypol You can generate a local policy module to allow this access. If you believe that systemctl should have the sys_resource capability by default. * Override max number of consoles on console allocation */įix the cause of the SYS_RESOURCE on your system. * Allow more than 64hz interrupts from the real-time clock */ * Override size restrictions on IPC message queues */ * NOTE: ext2 honors fsuid when checking for resource overrides, so * Modify data journaling mode on ext3 filesystem (uses journaling * Override reserved space on ext2 filesystem */ Then you need to diagnose why your system is running out of system resources and fix the problem.Īccording to /usr/include/linux/capability.h, sys_resource is required to: If you do not want processes to require capabilities to use up all the system resources on your system SELinux is preventing /usr/bin/systemctl from using the sys_resource capability. I managed to get the SELinux trouble shoot detail from the issue.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |