Project

General

Profile

Bug #10372

On Centos 7.3, upgrading from 4.0 to 4.1 fail due to SELinux problem

Added by Nicolas CHARLES about 1 year ago. Updated about 1 year ago.

Status:
Released
Priority:
N/A
Assignee:
Benoît PECCATTE
Category:
Packaging
Target version:
4.1.0
Target version (plugin):
Severity:
Critical - prevents main use of Rudder | no workaround | data loss | security
User visibility:
Effort required:
Pull Request:
https://github.com/Normation/rudder-p...
Priority:
0

Description

During upgrade from 4.0 to 4.1, I got the following errors

/etc/selinux/final/targeted/contexts/files/file_contexts: Multiple same specifications for /opt/rudder/etc/uuid.hive.
/etc/selinux/final/targeted/contexts/files/file_contexts: Multiple same specifications for /var/log/rudder/apache2(/.*)?.
/etc/selinux/final/targeted/contexts/files/file_contexts: Multiple same specifications for /var/rudder/inventories/incoming.
/etc/selinux/final/targeted/contexts/files/file_contexts: Multiple same specifications for /var/rudder/inventories/accepted-nodes-updates.
/etc/selinux/final/targeted/contexts/files/file_contexts: Invalid argument
libsemanage.semanage_validate_and_compile_fcontexts: setfiles returned error code 1.
semodule:  Failed!

meanwhile, semodule was using 100% CPU

Then, https failed to start, cause is:

(13)Permission denied: AH00091: httpd: could not open error log file /var/log/rudder/apache2/error.log.
AH00015: Unable to open logs

Related issues

Related to Rudder - Bug #9913: Add SELinux config to relay package Released
Related to Rudder - Bug #10426: Apache not started on a fresh centos7 install (selinux problem) Released

Associated revisions

Revision e444d265
Added by Alexis MOUSSET about 1 year ago

Fixes #10372: On Centos 7.3, upgrading from 4.0 to 4.1 fail due to SELinux problem

History

#1 Updated by Nicolas CHARLES about 1 year ago

  • Subject changed from On Centos 7.3, upgrading from 4.0 to 4.1 fail du tu SELinux problem to On Centos 7.3, upgrading from 4.0 to 4.1 fail due to SELinux problem

#2 Updated by Nicolas CHARLES about 1 year ago

  • Related to Bug #10090: Missing selinux-policy-devel in rudder-server-relay dependencies added

#3 Updated by Nicolas CHARLES about 1 year ago

  • Related to Bug #9913: Add SELinux config to relay package added

#4 Updated by Nicolas CHARLES about 1 year ago

  • Related to deleted (Bug #10090: Missing selinux-policy-devel in rudder-server-relay dependencies)

#5 Updated by Alexis MOUSSET about 1 year ago

  • Status changed from New to In progress
  • Assignee set to Alexis MOUSSET

#6 Updated by Alexis MOUSSET about 1 year ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from Alexis MOUSSET to Benoît PECCATTE
  • Pull Request set to https://github.com/Normation/rudder-packages/pull/1288

#7 Updated by Alexis MOUSSET about 1 year ago

  • Status changed from Pending technical review to Pending release

#8 Updated by Nicolas CHARLES about 1 year ago

  • Related to Bug #10426: Apache not started on a fresh centos7 install (selinux problem) added

#9 Updated by Benoît PECCATTE about 1 year ago

  • Status changed from Pending release to Released
  • Priority set to 0

This bug has been fixed in Rudder 4.1.0 which was released today.

Also available in: Atom PDF