Redhat as4 u4 重新编译内核出现的问题

6754

我使用/boot/config-2.6.42.el配置文件进行编译，编译成功，并能顺利运行，但不能在XWindows状态下联网，用http或Ftp都提示权限不够，不过我开通samba和http服务，用其他机是可以连接到这台机上的。问题出在那里。在原内核状态下就没有问题。

1984qht

都提示出权限不够了,和内核没有关系吧,,你在看看

6754

但我除了换了内核外，什么设置都没有改过，而且在相同的环境下用旧内核就没有问题，只是改了内核就出现不能联网。

siasd

把你操作的详细过程贴出来看看吧，包括返回的错误信息，那样才能分析啊，要不我们就只有瞎猜了

6754

内核是2.6.13.4
cp /boot/config-2.6.9-42.el .config
make menuconfig
.config:31: trying to assign nonexistent symbol AUDITFILESYSTEM
.config:57: trying to assign nonexistent symbol MODULE_SIG
.config:58: trying to assign nonexistent symbol MODULE_SIG_FORCE
.config:105: trying to assign nonexistent symbol X86_4G
.config:106: trying to assign nonexistent symbol X86_SWITCH_PAGETABLES
.config:107: trying to assign nonexistent symbol X86_4G_VM_LAYOUT
.config:108: trying to assign nonexistent symbol X86_UACCESS_INDIRECT
.config:109: trying to assign nonexistent symbol X86_HIGH_ENTRY
.config:133: trying to assign nonexistent symbol DELL_RBU
.config:134: trying to assign nonexistent symbol DCDBAS
.config:193: trying to assign nonexistent symbol CPU_FREQ_PROC_INTF
.config:200: trying to assign nonexistent symbol CPU_FREQ_24_API
.config:350: trying to assign nonexistent symbol MTD_ELAN_104NC
.config:391: trying to assign nonexistent symbol PARPORT_PC_CML1
.config:396: trying to assign nonexistent symbol PARPORT_OTHER
.config:431: trying to assign nonexistent symbol CCISS_DUMP
.config:432: trying to assign nonexistent symbol CCISS_DUMP_GLUE
.config:433: trying to assign nonexistent symbol DISKDUMP
.config:449: trying to assign nonexistent symbol BLK_DEV_DELKIN
.config:454: trying to assign nonexistent symbol BLK_DEV_IDEDUMP
.config:456: trying to assign nonexistent symbol IDE_TASKFILE_IO
.config:489: trying to assign nonexistent symbol BLK_DEV_IT8212
.config:518: trying to assign nonexistent symbol SCSI_DUMP
.config:555: trying to assign nonexistent symbol SCSI_ADP94XX
.config:569: trying to assign nonexistent symbol MEGARAID_SAS
.config:574: trying to assign nonexistent symbol SCSI_SATA_MV
.config:576: trying to assign nonexistent symbol SCSI_PDC_ADMA
.config:581: trying to assign nonexistent symbol SCSI_SATA_SIL24
.config:586: trying to assign nonexistent symbol SCSI_SATA_INTEL_COMBINED
.config:600: trying to assign nonexistent symbol SCSI_ISCSI_SFNET
.config:613: trying to assign nonexistent symbol SCSI_PROMISE_STEX
.config:620: trying to assign nonexistent symbol QLA_IOCTLMOD
.config:676: trying to assign nonexistent symbol FUSION_SAS
.config:680: trying to assign nonexistent symbol FUSION_OLD_MODULE_COMPAT
.config:706: trying to assign nonexistent symbol NETLINK_DEV
.config:820: trying to assign nonexistent symbol IP_NF_NAT_LOCAL
.config:837: trying to assign nonexistent symbol IP_NF_COMPAT_IPCHAINS
.config:838: trying to assign nonexistent symbol IP_NF_COMPAT_IPFWADM
.config:991: trying to assign nonexistent symbol TUX
.config:996: trying to assign nonexistent symbol TUX_EXTCGI
.config:997: trying to assign nonexistent symbol TUX_EXTENDED_LOG
.config:998: trying to assign nonexistent symbol TUX_DEBUG
.config:1004: trying to assign nonexistent symbol ETHERTAP
.config:1069: trying to assign nonexistent symbol EEPRO100_PIO
.config:1071: trying to assign nonexistent symbol E100_NAPI
.config:1106: trying to assign nonexistent symbol SKY2
.config:1157: trying to assign nonexistent symbol IEEE80211
.config:1158: trying to assign nonexistent symbol IEEE80211_DEBUG
.config:1159: trying to assign nonexistent symbol IEEE80211_CRYPT_WEP
.config:1160: trying to assign nonexistent symbol IEEE80211_CRYPT_CCMP
.config:1161: trying to assign nonexistent symbol IEEE80211_CRYPT_TKIP
.config:1162: trying to assign nonexistent symbol IPW2100
.config:1163: trying to assign nonexistent symbol IPW2100_MONITOR
.config:1164: trying to assign nonexistent symbol IPW2100_DEBUG
.config:1165: trying to assign nonexistent symbol IPW2200
.config:1166: trying to assign nonexistent symbol IPW2200_MONITOR
.config:1167: trying to assign nonexistent symbol IPW_QOS
.config:1168: trying to assign nonexistent symbol IPW2200_DEBUG
.config:1254: trying to assign nonexistent symbol NETDUMP
.config:1355: trying to assign nonexistent symbol ISDN_DRV_TPAM
.config:1424: trying to assign nonexistent symbol SOUND_GAMEPORT
.config:1457: trying to assign nonexistent symbol JOYSTICK_TWIDDLER
.config:1478: trying to assign nonexistent symbol DIGI
.config:1506: trying to assign nonexistent symbol SERIAL_8250_MULTIPORT
.config:1517: trying to assign nonexistent symbol CRASH
.config:1597: trying to assign nonexistent symbol AGP_INTEL_MCH
.config:1705: trying to assign nonexistent symbol HWMON_VID
.config:1898: trying to assign nonexistent symbol SND_AZX
.config:1940: trying to assign nonexistent symbol SND_VXP440
.config:1985: trying to assign nonexistent symbol USB_STORAGE_RW_DETECT
.config:1990: trying to assign nonexistent symbol USB_STORAGE_HP8200e
.config:2019: trying to assign nonexistent symbol USB_HPUSBSCSI
.config:2118: trying to assign nonexistent symbol USB_TIGL
.config:2143: trying to assign nonexistent symbol INFINIBAND_USER_MAD
.config:2144: trying to assign nonexistent symbol INFINIBAND_USER_ACCESS
.config:2145: trying to assign nonexistent symbol INFINIBAND_ADDR_TRANS
.config:2151: trying to assign nonexistent symbol INFINIBAND_SDP
.config:2152: trying to assign nonexistent symbol INFINIBAND_SDP_DEBUG
.config:2153: trying to assign nonexistent symbol INFINIBAND_SRP
.config:2154: trying to assign nonexistent symbol INFINIBAND_ISER
.config:2155: trying to assign nonexistent symbol INFINIBAND_RDS
.config:2156: trying to assign nonexistent symbol INFINIBAND_RDS_DEBUG
.config:2161: trying to assign nonexistent symbol EDAC
.config:2166: trying to assign nonexistent symbol EDAC_DEBUG
.config:2167: trying to assign nonexistent symbol EDAC_MM_EDAC
.config:2168: trying to assign nonexistent symbol EDAC_AMD76X
.config:2169: trying to assign nonexistent symbol EDAC_E7XXX
.config:2170: trying to assign nonexistent symbol EDAC_E752X
.config:2171: trying to assign nonexistent symbol EDAC_I82875P
.config:2172: trying to assign nonexistent symbol EDAC_I82860
.config:2173: trying to assign nonexistent symbol EDAC_R82600
.config:2174: trying to assign nonexistent symbol EDAC_POLL
.config:2229: trying to assign nonexistent symbol DEVFS_FS
.config:2238: trying to assign nonexistent symbol RELAYFS_FS
.config:2253: trying to assign nonexistent symbol JFFS2_FS_NAND
.config:2404: trying to assign nonexistent symbol SECURITY_SELINUX_MLS
.config:2433: trying to assign nonexistent symbol CRYPTO_SIGNATURE
.config:2434: trying to assign nonexistent symbol CRYPTO_SIGNATURE_DSA
.config:2435: trying to assign nonexistent symbol CRYPTO_MPILIB

6754

make clean vmlinx modules install modules_install
内核运行正常
运行firefox不可以上网
Nov 13 22:44:28  kernel: audit(1163429068.535:12): avc:  denied  { name_connect } for  pid=4279 comm="firefox-bin" dest=80 scontext=root:system_r:unconfined_t tcontext=system_ubject_r:http_port_t tclass=tcp_socket

iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
RH-Firewall-1-INPUT  all  --  anywhere             anywhere            

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
RH-Firewall-1-INPUT  all  --  anywhere             anywhere            

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain RH-Firewall-1-INPUT (2 references)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     icmp --  anywhere             anywhere            icmp any
ACCEPT     ipv6-crypt--  anywhere             anywhere            
ACCEPT     ipv6-auth--  anywhere             anywhere            
ACCEPT     udp  --  anywhere             224.0.0.251         udp dpt:5353
ACCEPT     udp  --  anywhere             anywhere            udp dpt:ipp
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:http
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:https
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ftp
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:smtp
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited

yszll

感觉和selinux有关系. 试试关掉selinux