CentOS8添加自定义SSH端口失败处理方法

最新推荐文章于 2024-01-19 23:41:38 发布

原创

最新推荐文章于 2024-01-19 23:41:38 发布 · 1.4k 阅读

0 ·

CC 4.0 BY-SA版权

文章标签：

#ssh #linux #centos #运维 #服务器

本文介绍了解决CentOS8系统中SELinux自定义SSH端口失效的方法。通过卸载并重装相关组件，确保自定义端口设置生效。

故障原因分析

CentOS8系统安装policycoreutils-python-utils-2.9-16.el8.noarch后，能够通过semanage正常添加自定义ssh端口，随后对系统执行dnf update更新系统后发现原来添加的自定义ssh端口失效，如下

[root@vps ~]# getenforce 
Enforcing
[root@vps ~]# semanage port -l | grep ssh
ssh_port_t                     tcp      22    //仅剩下原默认端口

重新添加出现以下报错信息

[root@vps ~]# semanage port -a -t ssh_port_t -p tcp 44422
libsepol.context_from_record: type kdump_var_lib_t is not defined
libsepol.context_from_record: could not create context structure
libsepol.context_from_string: could not create context structure
libsepol.sepol_context_to_sid: could not convert system_u:object_r:kdump_var_lib_t:s0 to sid
invalid context system_u:object_r:kdump_var_lib_t:s0
libsemanage.semanage_validate_and_compile_fcontexts: setfiles returned error code 255.
OSError: [Errno 0] Error
[root@vps ~]#

由此可知故障为升级系统导致，通过分析确定解决方法为重装selinux-policy。

故障处理步骤

1.卸载semanage

[root@vps ~]# dnf remove policycoreutils-python-utils-2.9-16.el8.noarch
Repository cr is listed more than once in the configuration
Repository extras is listed more than once in the configuration
Repository extras-source is listed more than once in the configuration
Repository fasttrack is listed more than once in the configuration
Dependencies resolved.
===========================================================================================================================================
 Package                                   Architecture        Version                                       Repository               Size
===========================================================================================================================================
Removing:
 policycoreutils-python-utils              noarch              2.9-16.el8                                    @BaseOS                 138 k
Removing dependent packages:
 setroubleshoot-plugins                    noarch              3.3.14-1.el8                                  @AppStream              2.6 M
 setroubleshoot-server                     x86_64              3.3.24-4.el8                                  @AppStream              1.3 M
Removing unused dependencies:
 checkpolicy                               x86_64              2.9-1.el8                                     @BaseOS                 1.7 M
 python3-audit                             x86_64              3.0-0.17.20191104git1c2f876.el8               @BaseOS                 325 k
 python3-libsemanage                       x86_64              2.9-6.el8                                     @BaseOS                 438 k
 python3-policycoreutils                   noarch              2.9-16.el8                                    @BaseOS                 5.4 M
 python3-setools                           x86_64              4.3.0-2.el8                                   @BaseOS                 2.6 M

Transaction Summary
===========================================================================================================================================
Remove  8 Packages

Freed space: 14 M
Is this ok [y/N]: y
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                                                                                   1/1 
  Erasing          : setroubleshoot-plugins-3.3.14-1.el8.noarch                                                                        1/8 
  Erasing          : setroubleshoot-server-3.3.24-4.el8.x86_64                                                                         2/8 
  Running scriptlet: setroubleshoot-server-3.3.24-4.el8.x86_64                                                                         2/8 
  Erasing          : policycoreutils-python-utils-2.9-16.el8.noarch