揭秘导致MongoDB服务启动失败的幕后黑手

原创库海无涯 2024-07-14

110

1、mongod 状态

[root@mydb ~]# systemctl status mongod
× mongod.service - MongoDB Database Server
     Loaded: loaded (/usr/lib/systemd/system/mongod.service; disabled; preset: disabled)
     Active: failed (Result: exit-code) since Sun 2024-07-14 16:34:42 CST; 2s ago
   Duration: 10ms
       Docs: https://docs.mongodb.org/manual
    Process: 1808 ExecStart=/mongodb/app/mongodb/bin/mongod $OPTIONS (code=exited, status=203/EXEC)
   Main PID: 1808 (code=exited, status=203/EXEC)
        CPU: 2ms

Jul 14 16:34:42 mydb systemd[1]: Started MongoDB Database Server.
Jul 14 16:34:42 mydb systemd[1808]: mongod.service: Failed to locate executable /mongodb/app/mongodb/bin/mongod: Permission denied
Jul 14 16:34:42 mydb systemd[1808]: mongod.service: Failed at step EXEC spawning /mongodb/app/mongodb/bin/mongod: Permission denied
Jul 14 16:34:42 mydb systemd[1]: mongod.service: Main process exited, code=exited, status=203/EXEC
Jul 14 16:34:42 mydb systemd[1]: mongod.service: Failed with result 'exit-code'.
复制

2、日志信息

Jul 14 16:28:39 mydb systemd[1]: dbus-:1.1-org.fedoraproject.SetroubleshootPrivileged@4.service: Deactivated successfully.
Jul 14 16:28:39 mydb systemd[1]: dbus-:1.1-org.fedoraproject.SetroubleshootPrivileged@4.service: Consumed 1.019s CPU time.
Jul 14 16:28:42 mydb systemd[1]: setroubleshootd.service: Deactivated successfully.
Jul 14 16:28:42 mydb systemd[1]: setroubleshootd.service: Consumed 3.154s CPU time.
Jul 14 16:28:58 mydb systemd[1]: Started mongod.service.
Jul 14 16:28:58 mydb systemd[1613]: mongod.service: Failed to locate executable /mongodb/app/mongodb/bin/mongod: Permission denied
Jul 14 16:28:58 mydb systemd[1613]: mongod.service: Failed at step EXEC spawning /mongodb/app/mongodb/bin/mongod: Permission denied
Jul 14 16:28:58 mydb systemd[1]: mongod.service: Main process exited, code=exited, status=203/EXEC
Jul 14 16:28:58 mydb systemd[1]: mongod.service: Failed with result 'exit-code'.
Jul 14 16:28:58 mydb systemd[1]: Starting SETroubleshoot daemon for processing new SELinux denial logs...
Jul 14 16:28:59 mydb systemd[1]: Started SETroubleshoot daemon for processing new SELinux denial logs.
Jul 14 16:28:59 mydb systemd[1]: Started dbus-:1.1-org.fedoraproject.SetroubleshootPrivileged@5.service.
Jul 14 16:29:02 mydb setroubleshoot[1614]: SELinux is preventing /usr/lib/systemd/systemd from read access on the lnk_file mongodb. For complete SELinux messages run: sealert -l 0fdf4ad8-666d-4d14-90ea-8d0f61ad22b8
Jul 14 16:29:02 mydb setroubleshoot[1614]: SELinux is preventing /usr/lib/systemd/systemd from read access on the lnk_file mongodb.#012#012*****  Plugin catchall_labels (83.8 confidence) suggests   *******************#012#012If you want to allow systemd to have read access on the mongodb lnk_file#012Then you need to change the label on mongodb#012Do#012# semanage fcontext -a -t FILE_TYPE 'mongodb'#012where FILE_TYPE is one of the following: 
复制

3、处理并验证

[root@mydb ~]# vi /etc/selinux/config
[root@mydb ~]# setenforce 0
[root@mydb ~]#
[root@mydb ~]# systemctl start mongod
[root@mydb ~]# systemctl status mongod
● mongod.service - MongoDB Database Server
     Loaded: loaded (/usr/lib/systemd/system/mongod.service; disabled; preset: disabled)
     Active: active (running) since Sun 2024-07-14 16:40:30 CST; 3s ago
       Docs: https://docs.mongodb.org/manual
   Main PID: 1915 (mongod)
     Memory: 171.5M
        CPU: 1.162s
     CGroup: /system.slice/mongod.service
             └─1915 /mongodb/app/mongodb/bin/mongod -f /mongodb/data/mongod.conf

Jul 14 16:40:30 mydb systemd[1]: Started MongoDB Database Server.
Jul 14 16:40:30 mydb mongod[1915]: {"t":{"$date":"2024-07-14T08:40:30.052Z"},"s":"I",  "c":"CONTROL",  "id":7484500, "ctx":"main","msg":"Environment variable MONGODB_CONFIG_OVERRIDE_NOF>
lines 1-12/12 (END)

复制

4、总结

验证了执行文件的权限，尝试PermissionsStartOnly均无疾而终。最后在日志中找到selinux。官网虽然有很详细的关于selinux的配置，但还是关了吧。

墨力计划 mongodb

「喜欢这篇文章，您的关注和赞赏是给作者最好的鼓励」

关注作者

1人已赞赏

爱

揭秘导致MongoDB服务启动失败的幕后黑手

1、mongod 状态

2、日志信息

3、处理并验证

4、总结

评论

相关阅读