View All Products
Compute
Storage
Databases
Networking
Developer Tools
Delivery
Security
Services
Industries
Pricing
Community
Engage With Us
Community Questions What do I do if I see AVC denial errors?
Log in to Ask a Question

What do I do if I see AVC denial errors?

selinux error avc denial
Linode Staff

My console's boot log is getting flooded with AVC denial errors, and I can't connect:

[ 1156.403292] type=1400 audit(1577737607.813:1791): avc:  denied  { unlink } f0
[ 1156.412489] type=1400 audit(1577737607.823:1792): avc:  denied  { open } for0
[ 1156.420938] type=1400 audit(1577737607.832:1793): avc:  denied  { open } for0
[ 1156.426026] type=1400 audit(1577737607.837:1794): avc:  denied  { unlink } f0
[ 1156.431511] type=1400 audit(1577737607.842:1795): avc:  denied  { open } for0

What should I do?

1 Reply

Linode Staff

After doing some research, it looks like these denial errors are originating from SELinux. The most common troubleshooting steps I found revolve around editing your SELinux policies to be "permissive" or "disabled".

Here are some troubleshooting articles I found from various sources:

From CentOS: SELinux

From Red Hat: What Happens when Access is Denied?

From Fedora DOCS: Changing SELinux states and modes

Once you edit your policies so that the error messages don't print to your console's boot log, you should be able to get to a login prompt when your server boots.

A couple other things to try along the way that may address any background processes (rebooting) or file corruption (file system check):

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Log in to Reply
Community Code of Conduct