Hi all,
We have MQ HA RDQM running on SELinux. During the installation, the command "semanage permissive -a drbd_t" was not executed.
In the log we see the message: "SELinux is preventing /usr/sbin/drbdsetup from getattr access on the netlink_generic_socket labeled drbd_t.#012#012***** Plugin catchall (100. confidence) suggests **************************#012#012If you believe that drbdsetup should be allowed getattr access on netlink_generic_socket labeled drbd_t by default.#012Then you should report this as a bug.#012You can generate a local policy module to allow this access.#012Do#012allow this access for now by executing:#012# ausearch -c 'drbdsetup' --raw | audit2allow -M my-drbdsetup#012# semodule -X 300 -i my-drbdsetup.pp#012"
Can we still execute the command on a running MQ environment without stopping the queuemanager, or is there something we need to take care of ?
Greetings,
Peter