{"id":247,"date":"2013-07-21T14:06:32","date_gmt":"2013-07-21T05:06:32","guid":{"rendered":"http:\/\/blog.mamimu.me\/fishblue\/?p=247"},"modified":"2013-07-21T17:12:53","modified_gmt":"2013-07-21T08:12:53","slug":"iptables%e3%81%a7-cant-open-etcsysconfigiptables-permission-denied","status":"publish","type":"post","link":"https:\/\/blog.mamimu.me\/fishblue\/?p=247","title":{"rendered":"iptables\u3067 Can&#8217;t open \/etc\/sysconfig\/iptables: Permission denied"},"content":{"rendered":"<p>\u81ea\u8179\u30b5\u30fc\u30d0\u306eiptables\u3092\u5909\u66f4\u3057\u305f\u3089\u30a8\u30e9\u30fc\u304c\u51fa\u3066\u30cf\u30de\u30c3\u305f\u306e\u3067\u30e1\u30e2\u3002<br \/>\n\u30a8\u30e9\u30fc\u81ea\u4f53\u306f\u3042\u307e\u308a\u6c17\u306b\u3057\u3066\u306a\u304b\u3063\u305f\u3051\u3069\u3001iptables\u304c\u4e0a\u304c\u3089\u306a\u304f\u306a\u3063\u305f\u306e\u3067\u30ce\u30fc\u30ac\u30fc\u30c9\u72b6\u614b\u306b\u306a\u3063\u305f\u3002<\/p>\n<p>\u81ea\u8179\u30b5\u30fc\u30d0\u306f3\u53f0\u3042\u308a\u307e\u3059\u3002<br \/>\n1\u53f0\u306f\u56fd\u5185\u696d\u8005\u30012\u53f0\u306f\u6d77\u5916\u696d\u8005\u3067\u3059\u3002<\/p>\n<p>\u307e\u305a\u3001\u56fd\u5185\u306e\u9bd6\u306eiptables\u306e\u8a2d\u5b9a\u3092\u5909\u66f4\u3057\u307e\u3057\u305f\u3002reload\u3082\u554f\u984c\u306a\u3057\u3002<br \/>\n\u7d50\u69cb\u5909\u66f4\u3057\u305f\u306e\u3067\u6b8b\u308a\u306e2\u53f0\u3092\u624b\u4f5c\u696d\u3067\u3059\u308b\u306e\u3082\u9762\u5012\u306a\u306e\u3067scp\u3057\u307e\u3057\u305f\u3002\uff08\u666e\u6bb5\u306f\u624b\u4f5c\u696d\u3067\u3084\u3063\u3066\u307e\u3059\uff09<br \/>\n\u3067\u3001iptables\u3092reload\u3057\u305f\u3068\u3053\u308d\u4ee5\u4e0b\u306e\u30a8\u30e9\u30fc\u304c\u767a\u751f\uff08[FAILED]\u306e\u4f4d\u7f6e\u304c\u304a\u304b\u3057\u3044\u3051\u3069\u539f\u6587\u8868\u793a\u306e\u307e\u307e\uff09<\/p>\n<p>Applying iptables firewall rules: Can&#8217;t open \/etc\/sysconfig[FAILED]s: Permission denied<\/p>\n<p>\/var\/log\/message\u306b\u306f\u4ee5\u4e0b\u306e\u30ed\u30b0<br \/>\nkernel: type=1400 audit(1374380677.276:9): avc: denied { read } for pid=3122 comm=&#8221;iptables-restor&#8221; name=&#8221;iptables&#8221; dev=dm-0 ino=4390922 scontext=user_u:system_r:iptables_t:s0 tcontext=user_u:object_r:tmp_t:s0 tclass=file<\/p>\n<p>\u56fd\u5185\u7cfb\u3068\u6d77\u5916\u7cfb\u3067\u306f\u8a2d\u5b9a\u304c\u9055\u3046\u306e\u304b\u3068\u601d\u3063\u305f\u304c\u305d\u3093\u306a\u3053\u3068\u3082\u306a\u3044\u3002<\/p>\n<p>\u30a8\u30e9\u30fc\u51fa\u529b\u3092\u30b0\u30b0\u3063\u3066\u307f\u305f\u3002<br \/>\nhttp:\/\/www.backtrack-linux.org\/forums\/showthread.php?t=40448<br \/>\n\u4e0a\u8a18\u3092\u53c2\u8003\u306b\u3057\u3066\/proc\/sys\/net\/ipv4\/ip_forward\u3092\u898b\u305f\u3051\u3069\u540c\u3058\u3002<\/p>\n<p>CentOS\u306e\u516c\u5f0f\u30d5\u30a9\u30fc\u30e9\u30e0\u306f<br \/>\nhttps:\/\/www.centos.org\/modules\/newbb\/viewtopic.php?topic_id=10809<br \/>\n\u306a\u3093\u304b\u9055\u3046\u306a\uff5e\u3063\u3066\u601d\u3063\u3066\u6700\u5f8c\u307e\u3067\u898b\u308b\u3068\u4ee5\u4e0b\u306e\u8a18\u8f09\u304c<br \/>\nselinux write down every error in this file look for avc<br \/>\n<script type=\"text\/javascript\">\/\/ <![CDATA[\ngoogle_ad_client = \"ca-pub-9128529039742412\";\n\/* for wordpress *\/\ngoogle_ad_slot = \"0240515414\";\ngoogle_ad_width = 468;\ngoogle_ad_height = 60;\n\/\/ ]]><\/script><br \/>\n<script type=\"text\/javascript\" src=\"http:\/\/pagead2.googlesyndication.com\/pagead\/show_ads.js\">\/\/ <![CDATA[\n\n\/\/ ]]><\/script><\/p>\n<p>\u30de\u30b8\u3067\uff01\uff1f\u4eca\u3055\u3089SELINUX\uff1f\uff1f\u6b62\u3081\u3066\u305f\u3068\u601d\u3063\u3066\u305f\u3051\u3069\u3002\u3067\u3082\u4e00\u5fdc\u78ba\u8a8d\u3002<br \/>\n# getenforce<br \/>\nEnforcing\u3000\u3000\u3000\u3000\u2190\u3000SELINUX\u304c\u8d77\u52d5\u3055\u308c\u3066\u308b\uff01\uff1f\uff01\uff1f<br \/>\n# setenforce 0\u3000\u3000 \u2190\u3000\u3068\u308a\u3042\u3048\u305a\u4e00\u6642\u505c\u6b62<br \/>\n# getenforce<br \/>\nPermissive\u3000\u3000\u3000 \u2190\u3000\u4e00\u6642\u505c\u6b62\u306b\u306a\u3063\u3066\u308b<br \/>\n# \/etc\/init.d\/iptables start<br \/>\nApplying iptables firewall rules: [ OK ]\u3000\u3000\u2190\u3000iptables\u304c\u8d77\u52d5\u3057\u305f\uff01<br \/>\n#<\/p>\n<p>\u3053\u306e\u5f8c\u306fSELINUX\u3092disable\u3057\u3066\u30b5\u30fc\u30d0\u518d\u8d77\u52d5\u3092\u5b9f\u65bd\u3002<\/p>\n<p>\u305f\u3060\u3001\u4e0d\u601d\u8b70\u306a\u306e\u306f\u6628\u65e5\u304b\u3089\u6570\u56de\u8a2d\u5b9a\u5909\u66f4\u3057\u305f\u3051\u3069\u305d\u306e\u6642\u306f\u30a8\u30e9\u30fc\u51fa\u306a\u304b\u3063\u305f\u3093\u3067\u3059\u3088\u306d\u3002<br \/>\n\u4eca\u65e5\u3001\u30b3\u30d4\u30fc\u3057\u305f\u30b3\u30f3\u30d5\u30a3\u30b0\u3092\u4f7f\u3063\u305f\u3089\u306a\u3063\u305f\u3093\u3067\u3059\u3088\u306d\u3002\u3061\u306a\u307f\u306b\u30b3\u30f3\u30d5\u30a3\u30b0\u3092\u623b\u3057\u305f\u3051\u3069\u5fa9\u65e7\u3057\u307e\u305b\u3093\u3067\u3057\u305f\u3002<br \/>\n\u3068\u3044\u3046\u3053\u3068\u306f\u30b3\u30d4\u30fc\u3057\u305f\u30b3\u30f3\u30d5\u30a3\u30b0\u3092reload\u3057\u305f\u6642\u306bSELINUX\u304c\u8d77\u52d5\u3057\u305f\uff1f\uff1f\u3088\u304f\u308f\u304b\u308a\u307e\u305b\u3093\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u81ea\u8179\u30b5\u30fc\u30d0\u306eiptables\u3092\u5909\u66f4\u3057\u305f\u3089\u30a8\u30e9\u30fc\u304c\u51fa\u3066\u30cf\u30de\u30c3\u305f\u306e\u3067\u30e1\u30e2\u3002 \u30a8\u30e9\u30fc\u81ea\u4f53\u306f\u3042\u307e\u308a\u6c17\u306b\u3057\u3066\u306a\u304b\u3063\u305f\u3051\u3069\u3001iptables\u304c\u4e0a\u304c\u3089\u306a\u304f\u306a\u3063\u305f\u306e\u3067\u30ce\u30fc\u30ac\u30fc\u30c9\u72b6\u614b\u306b\u306a\u3063\u305f\u3002 \u81ea\u8179\u30b5\u30fc\u30d0\u306f3\u53f0\u3042\u308a\u307e\u3059\u3002 1\u53f0\u306f\u56fd\u5185\u696d\u8005\u3001<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7,4],"tags":[],"class_list":["post-247","post","type-post","status-publish","format-standard","hentry","category-linux","category-4"],"_links":{"self":[{"href":"https:\/\/blog.mamimu.me\/fishblue\/index.php?rest_route=\/wp\/v2\/posts\/247","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.mamimu.me\/fishblue\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.mamimu.me\/fishblue\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.mamimu.me\/fishblue\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.mamimu.me\/fishblue\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=247"}],"version-history":[{"count":0,"href":"https:\/\/blog.mamimu.me\/fishblue\/index.php?rest_route=\/wp\/v2\/posts\/247\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.mamimu.me\/fishblue\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=247"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.mamimu.me\/fishblue\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=247"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.mamimu.me\/fishblue\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=247"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}