Project

General

Profile

Actions

Bug #10372

closed

On Centos 7.3, upgrading from 4.0 to 4.1 fail due to SELinux problem

Added by Nicolas CHARLES about 4 years ago. Updated about 4 years ago.

Status:
Released
Priority:
N/A
Category:
Packaging
Target version:
Severity:
Critical - prevents main use of Rudder | no workaround | data loss | security
User visibility:
Effort required:
Priority:
0

Description

During upgrade from 4.0 to 4.1, I got the following errors

/etc/selinux/final/targeted/contexts/files/file_contexts: Multiple same specifications for /opt/rudder/etc/uuid.hive.
/etc/selinux/final/targeted/contexts/files/file_contexts: Multiple same specifications for /var/log/rudder/apache2(/.*)?.
/etc/selinux/final/targeted/contexts/files/file_contexts: Multiple same specifications for /var/rudder/inventories/incoming.
/etc/selinux/final/targeted/contexts/files/file_contexts: Multiple same specifications for /var/rudder/inventories/accepted-nodes-updates.
/etc/selinux/final/targeted/contexts/files/file_contexts: Invalid argument
libsemanage.semanage_validate_and_compile_fcontexts: setfiles returned error code 1.
semodule:  Failed!

meanwhile, semodule was using 100% CPU

Then, https failed to start, cause is:

(13)Permission denied: AH00091: httpd: could not open error log file /var/log/rudder/apache2/error.log.
AH00015: Unable to open logs


Related issues

Related to Rudder - Bug #9913: Add SELinux config to relay packageReleasedBenoît PECCATTEActions
Related to Rudder - Bug #10426: Apache not started on a fresh centos7 install (selinux problem)ReleasedBenoît PECCATTEActions
Actions #1

Updated by Nicolas CHARLES about 4 years ago

  • Subject changed from On Centos 7.3, upgrading from 4.0 to 4.1 fail du tu SELinux problem to On Centos 7.3, upgrading from 4.0 to 4.1 fail due to SELinux problem
Actions #2

Updated by Nicolas CHARLES about 4 years ago

  • Related to Bug #10090: Missing selinux-policy-devel in rudder-server-relay dependencies added
Actions #3

Updated by Nicolas CHARLES about 4 years ago

  • Related to Bug #9913: Add SELinux config to relay package added
Actions #4

Updated by Nicolas CHARLES about 4 years ago

  • Related to deleted (Bug #10090: Missing selinux-policy-devel in rudder-server-relay dependencies)
Actions #5

Updated by Alexis MOUSSET about 4 years ago

  • Status changed from New to In progress
  • Assignee set to Alexis MOUSSET
Actions #6

Updated by Alexis MOUSSET about 4 years ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from Alexis MOUSSET to Benoît PECCATTE
  • Pull Request set to https://github.com/Normation/rudder-packages/pull/1288
Actions #7

Updated by Alexis MOUSSET about 4 years ago

  • Status changed from Pending technical review to Pending release
Actions #8

Updated by Nicolas CHARLES about 4 years ago

  • Related to Bug #10426: Apache not started on a fresh centos7 install (selinux problem) added
Actions #9

Updated by Benoît PECCATTE about 4 years ago

  • Status changed from Pending release to Released
  • Priority set to 0

This bug has been fixed in Rudder 4.1.0 which was released today.

Actions

Also available in: Atom PDF