Project

General

Profile

Bug #9805

Puppet master generates lots of invalid context messages

Added by Lukas Zapletal about 8 years ago. Updated over 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Lukas Zapletal
Category:
General Foreman
Target version:
1.15.4
Difficulty:
Triaged:
Bugzilla link:
1202924
Pull request:
https://github.com/theforeman/foreman-selinux/pull/67
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

During installation on RHEL7 I see this failure once, then catalog is compiled successfully:

Mar 13 10:11:07 fseven puppet-master[20182]: Failed to find fseven.zzz.lan via exec: Execution of '/etc/puppet/node.rb fseven.zzz.lan' returned 1:

Looks like this is harmless, but we should investigate why this happens and if we can prevent this.

Associated revisions

Revision 31ebc8e7 (diff)
Added by Lukas Zapletal over 5 years ago

Fixes #9805 - fixed file_contexts: invalid context (#67)

History

#1 Updated by Lukas Zapletal about 8 years ago

  • Bugzilla link set to 1202924

#2 Updated by Dominic Cleal about 8 years ago

Please provide logs?

#3 Updated by Dominic Cleal about 8 years ago

  • Category deleted (foreman-installer script)
  • Status changed from New to Need more information

#4 Updated by Bryan Kearney over 6 years ago

  • Status changed from Need more information to New

From downstream:

vrempet@li-lc-1017 ~
$ grep -c /etc/selinux/targeted/contexts/files/file_contexts /var/log/messages
512

vrempet@li-lc-1017 ~
$ grep /etc/selinux/targeted/contexts/files/file_contexts /var/log/messages | tail -n 5
Oct 5 12:45:11 li-lc-1017 puppet-master9026: /etc/selinux/targeted/contexts/files/file_contexts: invalid context system_u:object_r:puppet_etc_t:s0
Oct 5 12:45:38 li-lc-1017 puppet-master9046: /etc/selinux/targeted/contexts/files/file_contexts: invalid context system_u:object_r:puppet_etc_t:s0
Oct 5 12:45:38 li-lc-1017 puppet-master9046: /etc/selinux/targeted/contexts/files/file_contexts: invalid context system_u:object_r:puppet_etc_t:s0
Oct 5 12:45:38 li-lc-1017 puppet-master9046: /etc/selinux/targeted/contexts/files/file_contexts: invalid context system_u:object_r:puppet_etc_t:s0
Oct 5 12:45:38 li-lc-1017 puppet-master9046: /etc/selinux/targeted/contexts/files/file_contexts: invalid context system_u:object_r:puppet_etc_t:s0

vrempet@li-lc-1017 ~
$ uptime
12:55:58 up 13 min, 1 user, load average: 0.01, 0.51, 0.65

#5 Updated by Dominic Cleal over 6 years ago

  • Status changed from New to Need more information

Does the execution of node.rb outside of the puppet-master process work or fail? If it fails, please provide the Foreman logs.

Are there any AVC denials? I'm unsure that those log messages are relevant or show anything relating to the issue description.

The logs don't appear to come from the same host, are these definitely demonstrating the same underlying bug?

#6 Updated by Lukas Zapletal about 6 years ago

  • Project changed from Installer to SELinux
  • Subject changed from Initial ENC run fails to Puppet master generates lots of invalid context messages
  • Category set to General Foreman
  • Status changed from Need more information to Assigned
  • Assignee set to Lukas Zapletal

We have been able to track the issue down with help of SELinux team. It's a long story, I will provide patch soon. For more details see:

https://bugzilla.redhat.com/show_bug.cgi?id=1202924

#7 Updated by The Foreman Bot almost 6 years ago

  • Status changed from Assigned to Ready For Testing
  • Pull request https://github.com/theforeman/foreman-selinux/pull/67 added

#8 Updated by Daniel Lobato Garcia over 5 years ago

  • Legacy Backlogs Release (now unused) set to 287

#9 Updated by Lukas Zapletal over 5 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100

Also available in: Atom PDF