Project

General

Profile

Actions
Copy link

Bug #30891

closed

rh-redis5-redis.service gets avc denial, causing installer to fail

Added by William Clark over 3 years ago. Updated 9 months ago.

Status:
Closed
Priority:
Normal
Assignee:
William Clark
Category:
foreman-installer script
Target version:
-
Difficulty:
Triaged:
No
Bugzilla link:
Pull request:
https://github.com/theforeman/foreman-installer/pull/580
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

in some circumstances, after running `foreman-installer --scenario foreman`, the installation fails due to

[ERROR 2020-09-21T14:38:21 main] Systemd start for rh-redis5-redis failed!

causing further dependency failures

the issue is caused by an avc denial accessing /var/log/redis/redis.log

type=AVC msg=audit(1600695273.006:18591): avc: denied { open } for pid=1071 comm="redis-server" path="/var/log/redis/redis.log" dev="vda1" ino=68225706 scontext=system_u:system_r:redis_t:s0 tcontext=system_u:object_r:var_log_t:s0 tclass=file permissive=1

and the issue does not exist with selinux in permissive or disabled.

https://tickets.puppetlabs.com/browse/PUP-10548 is a known puppetlabs issue... https://github.com/theforeman/foreman-installer/blob/71f60592f33a3056f52791a86876b9ae3ce9235f/hooks/pre/32-install_selinux_packages.rb should work around it but at least in some circumstances does not

Actions
Copy link
 #1

Updated by The Foreman Bot over 3 years ago

  • Status changed from New to Ready For Testing
  • Assignee set to William Clark
  • Pull request https://github.com/theforeman/foreman-installer/pull/580 added
Actions
Copy link
 #2

Updated by Eric Helms 9 months ago

  • Status changed from Ready For Testing to Closed
Actions
Copy link

Also available in: Atom PDF