Actions
Bug #16784
closed
Remote run in the UI fails on centos 7.6
Pull Request:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
0
Name check:
To do
Fix check:
To do
Regression:
Description
It was after an upgrade from 6.0.2 to 6.0.3 (which partially failed, so maybe it's linked)
error in logs is
Feb 21 16:25:44 server rudder-relayd[19381]: sudo: error while loading shared libraries: libsudo_util.so.0: failed to map segment from shared object: Permission denied Feb 21 16:25:44 server rudder-relayd[19381]: INFO relayd::relay-api: 127.0.0.1:58976 "POST /rudder/relay-api/1/remote-run/nodes/599610da-5a03-4c2a-9e67-75a5c024f8bc HTTP/1.1" 200 "-" "rudder/remote run que
Updated by Nicolas CHARLES about 4 years ago
relevant auditd log is
type=AVC msg=audit(1582303222.107:2143): avc: denied { execute } for pid=5266 comm="sudo" path="/usr/libexec/sudo/libsudo_util.so.0.0.0" dev="dm-0" ino=33977717 scontext=system_u:system_r:rudder_relayd_
t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=0
type=SYSCALL msg=audit(1582303222.107:2143): arch=c000003e syscall=9 success=no exit=-13 a0=0 a1=212388 a2=5 a3=802 items=0 ppid=19381 pid=5266 auid=4294967295 uid=996 gid=992 euid=0 suid=0 fsuid=0 egid=99
2 sgid=992 fsgid=992 tty=(none) ses=4294967295 comm="sudo" exe="/usr/bin/sudo" subj=system_u:system_r:rudder_relayd_t:s0 key=(null)
type=PROCTITLE msg=audit(1582303222.107:2143): proctitle=7375646F002F6F70742F7275646465722F62696E2F7275646465720072656D6F74650072756E0072656C61792E7275646465722E6C6F63616C
Updated by Nicolas CHARLES about 4 years ago
- Status changed from New to Rejected
Updating packages from centos fixed the issue
Some packages difference in selinux caused the issue; rejecting
Actions