Actions
Bug #20263
closed
Missing SELinux rules for httpd on RockyLinux
Pull Request:
Severity:
Minor - inconvenience | misleading | easy workaround
UX impact:
User visibility:
First impressions of Rudder
Effort required:
Small
Priority:
87
Name check:
To do
Fix check:
Checked
Regression:
Description
I tried to install a rudder server on a RockyLinux, it seems to work well but some SELinux rules are missing after the install and it blocks the inventories reception.
Error on the agent:
[root@agent1 ~]# rudder agent inventory
Rudder agent 6.2.10.release
Node uuid: 0b7a7887-567d-4c6f-ac0a-37ec5293e1da
M| State Technique Component Key Message
E| compliant Common Compute inventory splay Scheduling rudder_run_inventory was correct
Start execution with config [0]
error: Finished command related to promiser '/var/rudder/inventories/agent1-0b7a7887-567d-4c6f-ac0a-37ec5293e1da.ocs.*' -- an error occurred, returned 22
error: Transformer '/var/rudder/inventories/agent1-0b7a7887-567d-4c6f-ac0a-37ec5293e1da.ocs.sign' => '/usr/bin/curl --tlsv1.2 --location --insecure --fail --silent --proxy '' --user rudder:rudder --upload-file /var/rudder/inventories/agent1-0b7a7887-567d-4c6f-ac0a-37ec5293e1da.ocs.sign https://server/inventories/' returned error
error: Finished command related to promiser '/var/rudder/inventories/agent1-0b7a7887-567d-4c6f-ac0a-37ec5293e1da.ocs.*' -- an error occurred, returned 22
error: Transformer '/var/rudder/inventories/agent1-0b7a7887-567d-4c6f-ac0a-37ec5293e1da.ocs.gz' => '/usr/bin/curl --tlsv1.2 --location --insecure --fail --silent --proxy '' --user rudder:rudder --upload-file /var/rudder/inventories/agent1-0b7a7887-567d-4c6f-ac0a-37ec5293e1da.ocs.gz https://server/inventories/' returned error
E| error Inventory inventory Could not send the inventory
info Rudder agent was run on a subset of policies - not all policies were checked
## Summary #####################################################################
2 components verified in 4 directives
=> 2 components in Enforce mode
-> 1 compliant
-> 1 error
Execution time: 5.63s
################################################################################
On the apache log in trace mode:
[Mon Nov 15 14:55:57.065704 2021] [rewrite:trace1] [pid 27392:tid 139934463620864] mod_rewrite.c(482): [client 192.168.3.3:55720] 192.168.3.3 - - [server/sid#55fd7f105cd0][rid#7f45100499e0/initial] pass through /inventories/agent1-0b7a7887-567d-4c6f-ac0a-37ec5293e1da.ocs.gz [Mon Nov 15 14:55:57.068923 2021] [dav:error] [pid 27392:tid 139934463620864] [client 192.168.3.3:55720] Unable to PUT new contents for /inventories/agent1-0b7a7887-567d-4c6f-ac0a-37ec5293e1da.ocs.gz. [403, #0] [Mon Nov 15 14:55:57.068934 2021] [dav:error] [pid 27392:tid 139934463620864] (13)Permission denied: [client 192.168.3.3:55720] An error occurred while opening a resource. [500, #0]
Updated by Vincent MEMBRÉ over 2 years ago
- Target version changed from 6.2.12 to 6.2.13
Updated by Vincent MEMBRÉ about 2 years ago
- Target version changed from 6.2.13 to 6.2.14
- Priority changed from 96 to 91
Updated by Alexis Mousset almost 2 years ago
- Target version changed from 6.2.14 to 7.1.2
- Priority changed from 91 to 88
Updated by Alexis Mousset almost 2 years ago
- Status changed from New to In progress
- Assignee set to Alexis Mousset
Updated by Alexis Mousset almost 2 years ago
- Status changed from In progress to Pending technical review
- Assignee changed from Alexis Mousset to Félix DALLIDET
- Pull Request set to https://github.com/Normation/rudder-packages/pull/2611
Updated by Alexis Mousset almost 2 years ago
- Status changed from Pending technical review to Pending release
Applied in changeset rudder-packages|53bbd22dc6d1b0ce36d84e2992da6c4aa0ffc289.
Updated by Vincent MEMBRÉ almost 2 years ago
- Priority changed from 88 to 87
- Fix check changed from To do to Checked
Updated by Vincent MEMBRÉ almost 2 years ago
- Status changed from Pending release to Released
This bug has been fixed in Rudder 7.1.2 which was released today.
Actions