Subject: Re: [HTCondor-users] Communication error when trying to add second machine
> From: "Hughes, Zachary" <zdhughes@xxxxxxxxx> > Date: 08/04/2016 06:33 PM
> I get SELinux Alerts:
>
> ###########################################################################
> SELinux is preventing /usr/bin/bash from write access on the file
> ip_local_port_range.
>
> ***** Plugin catchall (100. confidence) suggests **************************
Howdy!
The CentOS / Red Hat 7 enables SELinux by default,
so lots of people are seeing these sorts of things in many different applications
- so much for the strategy of ignoring SELinux and hoping it'll
go away.
This one is triggered by the /usr/libexec/condor/linux_kernel_tuning
script which was introduced in 8.4. This adjusts parameters
around the Linux kernel to optimize the scalability and performance of the
HTCondor environment. You'll see a log of its activity in /etc/sysctl.d/99-htcondor.conf.
If you want to set these parameters manually to avoid
SELinux tackles, you can update your config to set ENABLE_KERNEL_TUNING
to false, and then write a sysctl.conf to set the parameters within the framework
of the sysctl.d directory which will have the proper SELinux permissions.
You might first want to try adding the appropriate
context to the linux_kernel_tuning script to allow it to issue the
required sysctl calls - this will probably be the solution implemented by
the CHTC as SELinux snarls are combed out.
![[Computer Systems Lab]](http://www.cs.wisc.edu/pics/csl_logo.gif){kind=logo}