系统服务提示service: Failed to execute command: Permission denied

安装ETCD时启动遇到问题

tail -f /var/log/message

Nov 14 22:17:36 localhost systemd[1]: Starting Etcd Server...
Nov 14 22:17:36 localhost systemd[3188]: etcd.service: Failed to execute command: Permission denied
Nov 14 22:17:36 localhost systemd[3188]: etcd.service: Failed at step EXEC spawning /opt/etcd/bin/etcd: Permission denied
Nov 14 22:17:36 localhost systemd[1]: etcd.service: Main process exited, code=exited, status=203/EXEC
Nov 14 22:17:36 localhost systemd[1]: etcd.service: Failed with result 'exit-code'.

查看文件权限

上面提示没权限执行etcd命令

[root@localhost etcd]# ll /opt/etcd/bin/etcd*
-rwxr-xr-x. 1 root root 20701184 9月  14 21:02 /opt/etcd/bin/etcd
-rwxr-xr-x. 1 root root 15278080 9月  14 21:02 /opt/etcd/bin/etcdctl

我们看到是有执行权限的

顺着日志往下看会发现

SELinux is preventing systemd from read access on the file etcd.conf. For complete SELinux messages run: sealert -l 7663ffab-6f52-4fe6-9da1-aeb9cfa29cca

这个问题就是SELinux配置不正确，执行文件的安全上下文不正确。

解决方法

我们可以使用 restorecon 命令来恢复Selinux文件属性，即恢复文件的安全上下文

restorecon -rv /opt/etcd/bin/

其中，执行时需要把 /opt/etcd/bin/ 替换为正确的目录

当然，也可以把Selinux关掉

setenforce 0 #临时
sed -i 's/enforcing/disabled/' /etc/selinux/config #永久