Actions
Bug #32022
closed
/sbin/restorecon: SELinux: Could not get canonical path for x restorecon: No such file or directory.
Difficulty:
Triaged:
No
Description
When I install foreman-selinux on CentOS 8 I see:
# yum install foreman-selinux Foreman plugins nightly 1.4 MB/s | 1.0 MB 00:00 Foreman nightly 2.3 MB/s | 1.3 MB 00:00 Last metadata expiration check: 0:00:01 ago on Fri 05 Mar 2021 13:37:25 UTC. Dependencies resolved. ====================================================================================================================================================================================== Package Architecture Version Repository Size ====================================================================================================================================================================================== Installing: foreman-selinux noarch 2.5.0-0.1.develop.20210215161957git1bc001e.el8 foreman 56 k Upgrading: selinux-policy noarch 3.14.3-54.el8_3.2 baseos 622 k selinux-policy-targeted noarch 3.14.3-54.el8_3.2 baseos 15 M Installing dependencies: checkpolicy x86_64 2.9-1.el8 baseos 348 k policycoreutils-python-utils noarch 2.9-9.el8 baseos 251 k python3-audit x86_64 3.0-0.17.20191104git1c2f876.el8 baseos 86 k python3-libsemanage x86_64 2.9-3.el8 baseos 127 k python3-policycoreutils noarch 2.9-9.el8 baseos 2.2 M python3-setools x86_64 4.3.0-2.el8 baseos 626 k Transaction Summary ====================================================================================================================================================================================== Install 7 Packages Upgrade 2 Packages Total download size: 19 M Is this ok [y/N]: y Downloading Packages: (1/9): python3-audit-3.0-0.17.20191104git1c2f876.el8.x86_64.rpm 3.2 MB/s | 86 kB 00:00 (2/9): python3-libsemanage-2.9-3.el8.x86_64.rpm 6.6 MB/s | 127 kB 00:00 (3/9): policycoreutils-python-utils-2.9-9.el8.noarch.rpm 4.7 MB/s | 251 kB 00:00 (4/9): checkpolicy-2.9-1.el8.x86_64.rpm 5.4 MB/s | 348 kB 00:00 (5/9): python3-setools-4.3.0-2.el8.x86_64.rpm 8.1 MB/s | 626 kB 00:00 (6/9): foreman-selinux-2.5.0-0.1.develop.20210215161957git1bc001e.el8.noarch.rpm 809 kB/s | 56 kB 00:00 (7/9): selinux-policy-3.14.3-54.el8_3.2.noarch.rpm 6.3 MB/s | 622 kB 00:00 (8/9): python3-policycoreutils-2.9-9.el8.noarch.rpm 10 MB/s | 2.2 MB 00:00 (9/9): selinux-policy-targeted-3.14.3-54.el8_3.2.noarch.rpm 20 MB/s | 15 MB 00:00 -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Total 20 MB/s | 19 MB 00:00 Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Preparing : 1/1 Upgrading : selinux-policy-3.14.3-54.el8_3.2.noarch 1/11 Running scriptlet: selinux-policy-3.14.3-54.el8_3.2.noarch 1/11 Running scriptlet: selinux-policy-targeted-3.14.3-54.el8_3.2.noarch 2/11 Upgrading : selinux-policy-targeted-3.14.3-54.el8_3.2.noarch 2/11 Running scriptlet: selinux-policy-targeted-3.14.3-54.el8_3.2.noarch 2/11 Installing : python3-setools-4.3.0-2.el8.x86_64 3/11 Installing : python3-libsemanage-2.9-3.el8.x86_64 4/11 Installing : python3-audit-3.0-0.17.20191104git1c2f876.el8.x86_64 5/11 Installing : checkpolicy-2.9-1.el8.x86_64 6/11 Installing : python3-policycoreutils-2.9-9.el8.noarch 7/11 Installing : policycoreutils-python-utils-2.9-9.el8.noarch 8/11 Installing : foreman-selinux-2.5.0-0.1.develop.20210215161957git1bc001e.el8.noarch 9/11 Running scriptlet: foreman-selinux-2.5.0-0.1.develop.20210215161957git1bc001e.el8.noarch 9/11 Cleanup : selinux-policy-targeted-3.14.3-54.el8.noarch 10/11 Running scriptlet: selinux-policy-targeted-3.14.3-54.el8.noarch 10/11 Cleanup : selinux-policy-3.14.3-54.el8.noarch 11/11 Running scriptlet: selinux-policy-3.14.3-54.el8.noarch 11/11 Running scriptlet: foreman-selinux-2.5.0-0.1.develop.20210215161957git1bc001e.el8.noarch 11/11 /sbin/restorecon: SELinux: Could not get canonical path for /etc/puppet/node.rb restorecon: No such file or directory. /sbin/restorecon: SELinux: Could not get canonical path for /etc/puppetlabs/puppet/node.rb restorecon: No such file or directory. /sbin/restorecon: SELinux: Could not get canonical path for /usr/lib64/ruby/gems/1.8/gems/passenger-* restorecon: No such file or directory. /sbin/restorecon: SELinux: Could not get canonical path for /usr/lib/ruby/gems/1.8/gems/passenger-* restorecon: No such file or directory. /sbin/restorecon: SELinux: Could not get canonical path for /usr/lib64/gems/ruby/passenger-*/agents restorecon: No such file or directory. /sbin/restorecon: SELinux: Could not get canonical path for /usr/lib/gems/ruby/passenger-*/agents restorecon: No such file or directory. /sbin/restorecon: SELinux: Could not get canonical path for /usr/lib64/ruby/site_ruby/1.8/x86_64-linux/agents restorecon: No such file or directory. /sbin/restorecon: SELinux: Could not get canonical path for /usr/lib/ruby/site_ruby/1.8/x86_64-linux/agents restorecon: No such file or directory. /sbin/restorecon: SELinux: Could not get canonical path for /usr/share/passenger/helper-scripts restorecon: No such file or directory. /sbin/restorecon: SELinux: Could not get canonical path for /usr/lib64/passenger/support-binaries restorecon: No such file or directory. /sbin/restorecon: SELinux: Could not get canonical path for /usr/lib/passenger/support-binaries restorecon: No such file or directory. /sbin/restorecon: SELinux: Could not get canonical path for /usr/lib64exec/passenger restorecon: No such file or directory. Running scriptlet: selinux-policy-3.14.3-54.el8.noarch 11/11 Verifying : checkpolicy-2.9-1.el8.x86_64 1/11 Verifying : policycoreutils-python-utils-2.9-9.el8.noarch 2/11 Verifying : python3-audit-3.0-0.17.20191104git1c2f876.el8.x86_64 3/11 Verifying : python3-libsemanage-2.9-3.el8.x86_64 4/11 Verifying : python3-policycoreutils-2.9-9.el8.noarch 5/11 Verifying : python3-setools-4.3.0-2.el8.x86_64 6/11 Verifying : foreman-selinux-2.5.0-0.1.develop.20210215161957git1bc001e.el8.noarch 7/11 Verifying : selinux-policy-3.14.3-54.el8_3.2.noarch 8/11 Verifying : selinux-policy-3.14.3-54.el8.noarch 9/11 Verifying : selinux-policy-targeted-3.14.3-54.el8_3.2.noarch 10/11 Verifying : selinux-policy-targeted-3.14.3-54.el8.noarch 11/11 Upgraded: selinux-policy-3.14.3-54.el8_3.2.noarch selinux-policy-targeted-3.14.3-54.el8_3.2.noarch Installed: checkpolicy-2.9-1.el8.x86_64 foreman-selinux-2.5.0-0.1.develop.20210215161957git1bc001e.el8.noarch policycoreutils-python-utils-2.9-9.el8.noarch python3-audit-3.0-0.17.20191104git1c2f876.el8.x86_64 python3-libsemanage-2.9-3.el8.x86_64 python3-policycoreutils-2.9-9.el8.noarch python3-setools-4.3.0-2.el8.x86_64 Complete!
Updated by The Foreman Bot about 3 years ago
- Status changed from New to Ready For Testing
- Assignee set to Ewoud Kohl van Wijngaarden
- Pull request https://github.com/theforeman/foreman-selinux/pull/124 added
Updated by The Foreman Bot almost 3 years ago
- Pull request https://github.com/theforeman/foreman-selinux/pull/128 added
Updated by
Updated by Ewoud Kohl van Wijngaarden almost 3 years ago
- Related to Bug #32316: Drop all passenger-related SELinux rules added
Updated by Ewoud Kohl van Wijngaarden almost 3 years ago
- Fixed in Releases deleted (
2.4.1)
This issue is in a bit of a weird place. The commit that's linked did solve part of it. In #32316 all the Passenger paths were removed. Now only the node.rb locations are left.
That means this isn't really solved and why it can't have a Fixed in releases 2.4.1. Removal of the passenger paths can't be cherry picked to 2.4.
However, looking closer at it, it's weird. restorecon is called with -i so it should ignore files that don't exist. Why is it happening in the first place?
Updated by Ewoud Kohl van Wijngaarden about 1 year ago
- Has duplicate Bug #36069: Running foreman-selinux-relabel fails with an error added
Updated by Ewoud Kohl van Wijngaarden about 1 year ago
- Status changed from Ready For Testing to Closed
https://bugzilla.redhat.com/show_bug.cgi?id=2137965 is the report I should have filed where -i fails if the parent directory doesn't exist. This has been fixed in CentOS Stream 8 and thus should land in a next RHEL release eventually.
Actions