질문: groupadd여기서는 왜 실패했나요? SELinux와 관련이 있나요? 아니면 버그일까요?
문제를 발견 mv /etc/group+ /etc/group했습니다 ...strace groupadd
[root@notebook ~]# groupadd testing
groupadd: failure while writing changes to /etc/group
[root@notebook ~]# grep testing /var/log/audit/audit.log
type=ADD_GROUP msg=audit(1465386369.617:2553): pid=4008 uid=0 auid=1001 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=add-group acct="testing" exe="/usr/sbin/groupadd" hostname=? addr=? terminal=pts/0 res=failed'
type=GRP_MGMT msg=audit(1465386369.618:2554): pid=4008 uid=0 auid=1001 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=adding-shadow-group acct="testing" exe="/usr/sbin/groupadd" hostname=? addr=? terminal=pts/0 res=failed'
type=ADD_GROUP msg=audit(1465386369.618:2555): pid=4008 uid=0 auid=1001 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=adding-group acct="testing" exe="/usr/sbin/groupadd" hostname=? addr=? terminal=pts/0 res=failed'
type=ADD_GROUP msg=audit(1465386369.618:2556): pid=4008 uid=0 auid=1001 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op= acct="testing" exe="/usr/sbin/groupadd" hostname=? addr=? terminal=pts/0 res=failed'
[root@notebook ~]#
[root@notebook ~]# ls -Z /usr/sbin/groupadd
-rwxr-x---. root root unconfined_u:object_r:groupadd_exec_t:s0 /usr/sbin/groupadd
[root@notebook ~]# ls -Z /usr/bin/mv
-rwxr-xr-x. root root system_u:object_r:bin_t:s0 /usr/bin/mv
[root@notebook ~]#
[root@notebook ~]# lsb_release -r
Release: 7.2
[root@notebook ~]#
[root@notebook ~]# mv -f /etc/group+ /etc/group
mv: cannot move ‘/etc/group+’ to ‘/etc/group’: Device or resource busy
[root@notebook ~]#
[root@notebook ~]# sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: enforcing
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Max kernel policy version: 28
[root@notebook ~]#