unable to start sshd daemon due libcrypto issue
Hi team ,
when i am checking that my os is not able to do ssh /sftp to other server , i see that sshd daemon is not starting . i tried to give sshd restart but following messages pops up : Starting sshd: /usr/sbin/sshd: error while loading shared libraries: libcrypto.so.10: failed to map segment from shared object: Permission denied [FAILED] please support for any idea |
Quote:
Code:
ls -Z $(locate -r libcrypto.so*) Code:
restorecon -nvv $(locate -r libcrypto.so*) Code:
grep 'libcrypto.so' /var/log/audit/audit.log|audit2allow |
sshd daemon----libcrypto issue
Hi ,
Please find teh atttached logs : [root@TIOCC101 selinux]# ls -Z $(locate -r libcrypto.so*) -bash: locate: command not found -rw-r--r--. root root system_u:object_r:selinux_config_t:s0 config -rw-r--r--. root root unconfined_u:object_r:selinux_config_t:s0 config_backup -rw-r--r--. root root system_u:object_r:selinux_config_t:s0 restorecond.conf -rw-r--r--. root root system_u:object_r:selinux_config_t:s0 restorecond_user.conf -rw-r--r--. root root system_u:object_r:selinux_config_t:s0 semanage.conf drwxr-xr-x. root root system_u:object_r:selinux_config_t:s0 targeted [root@TIOCC101 selinux]# ================ [root@TIOCC101 audit]# [root@TIOCC101 audit]# restorecon -nvv $(locate -r libcrypto.so*) -bash: locate: command not found [root@TIOCC101 audit]# ================= can u please help me out to dog this out .??? what can be causing this |
Quote:
Secondly you executed a command without looking at its error output. That is not good. I'll adjust the command for you to run again: Code:
find /lib* /usr/lib* -iname \*libcrypto\* -printf "%p %Z\n" |
[root@TIOCC101 ~]#
[root@TIOCC101 ~]# find /lib* /usr/lib* -iname \*libcrypto\* -printf "%p %Z\n" /usr/lib64/.libcrypto.so.1.0.0.hmac unconfined_u:object_r:usr_t:s0 /usr/lib64/libcrypto.so.1.0.0 unconfined_u:object_r:usr_t:s0 /usr/lib64/libcrypto.so.1.0.0.bak unconfined_u:object_r:usr_t:s0 /usr/lib64/.libcrypto.so.10.hmac unconfined_u:object_r:usr_t:s0 /usr/lib64/libcrypto.so.10 unconfined_u:object_r:usr_t:s0 |
Hi ,
is there any way by which we can solve the problem as mgmt is pushing for a ETA & i cant comment on that . They are coming with to reinstall the same again with full application and all to be done again and i somehow want to avoid this retask. thanks Gulab skype-- gulab.sharma4 |
Quote:
Quote:
Quote:
|
Hi ,
Thanks for reply. i will try to extecute these commands suggested by you . Could u please put the same in a simpler steps to execute these as i am new to this particular OS & restoration step. Appreciate the support Regards Gulab Sharma |
Quote:
Code:
genhomedircon Code:
restorecon -fvv /usr/lib64/libcrypto.so* |
Hi ,
I tried the second option of restorecon but getting this error while executing from root. [root@TIOCC102 ~]# restorecon -fvv /usr/lib64/libcrypto.so* Unable to open vv: No such file or directory usage: restorecon [-iFnprRv0] [-e excludedir ] [-o filename ] [-f filename | pathname... ] [root@TIOCC102 ~]# cd /usr/lib lib/ lib64_orig_backup.tar.gz lib64/ libexec/ [root@TIOCC102 ~]# cd /usr/lib64 [root@TIOCC102 lib64]# ls -lrth lib Display all 305 possibilities? (y or n) [root@TIOCC102 lib64]# ls -lrth libcr* -rwxr-xr-x. 1 root root 38K Feb 1 2011 libcrack.so.2.8.1 -rwxr-xr-x. 1 root root 1.6M Oct 12 2012 libcrypto.so.1.0.0 lrwxrwxrwx. 1 root root 17 Dec 1 21:44 libcrack.so.2 -> libcrack.so.2.8.1 lrwxrwxrwx. 1 root root 18 Dec 1 21:44 libcrypto.so.10 -> libcrypto.so.1.0.0 [root@TIOCC102 lib64]# pwd /usr/lib64 [root@TIOCC102 lib64]# c ============== current setting of Selinux, [root@TIOCC102 lib64]# cat /etc/selinux/config # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=enforcing # SELINUXTYPE= can take one of these two values: # targeted - Targeted processes are protected, # mls - Multi Level Security protection. SELINUXTYPE=targeted [root@TIOCC102 lib64]# Please suggest |
I gave you two options.
You choose one. Try the other. |
Hi ,
Thanks The first steps need to be done @ root or need to be done at a defined one . Please suggest |
Root.
|
Hi ,
i did try but getting this : oot@TIOCC101 ~]# cd [root@TIOCC101 ~]# genhomedircon /usr/sbin/semodule: error while loading shared libraries: libustr-1.0.so.1: failed to map segment from shared object: Permission denied [root@TIOCC101 ~]# |
Commence with:
Code:
touch /.autorelabel |
All times are GMT -5. The time now is 02:18 PM. |