Bug #14551: Remote run is broken on centos7 because of selinux - Rudder - Issue Tracker

Bug #14551

Updated by François ARMAND over 5 years ago

This happened on rudder 5.0, but it looks like it's not specific to that version of Rudder.  
 Maybe linked to #14391 (found in the same use case). 

 <pre> 
 [root@server vagrant]# curl -X POST 'http://localhost/rudder/relay-api/remote-run/nodes' -d "asynchronous=false" -d "keep_output=true" -d "nodes=a81c4150-974f-4155-a9b9-3cd2c38dbf96" 
 a81c4150-974f-4155-a9b9-3cd2c38dbf96:sudo: unable to open audit system: Permission denied 
 a81c4150-974f-4155-a9b9-3cd2c38dbf96:sudo: pam_open_session: System error 
 a81c4150-974f-4155-a9b9-3cd2c38dbf96:sudo: policy plugin failed session initialization 
 </pre> 

 It's SELinux related, because with "setenforce 0", the remote run is correctly started - so perhaps linked to rudder version after all.

Back

Project

General

Profile

Rudder

Bug #14551