| title | weight | catalog | date | subtitle | header-img | tags | catagories | ||
|---|---|---|---|---|---|---|---|---|---|
keycreate permission denied |
1 |
true |
2021-06-23 09:22:24 -0700 |
|
|
write /proc/self/attr/keycreate: permission denied
具体报错:
kuberuntime_manager.go:758] createPodSandbox for pod "ecc-hostpath-provisioner-8jbhf_kube-system(b8050fd3-4ffe-11eb-a82e-c6090b53405b)" failed: rpc error: code = Unknown desc = failed to start sandbox container for pod "ecc-hostpath-provisioner-8jbhf": Error response from daemon: OCI runtime create failed: container_linux.go:349: starting container process caused "process_linux.go:449: container init caused \"write /proc/self/attr/keycreate: permission denied\"": unknownSELINUX未设置成disabled
# 将SELINUX设置成disabled
setenforce 0 # 临时生效
# 永久生效,但需重启,配合上述命令可以不用立即重启
sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
# 查看SELinux状态
$ /usr/sbin/sestatus -v
SELinux status: disabled
$ getenforce
Disabled