Bug 1113848
Summary: | "rhncfg-client verify" and WebUI compare display different results for selinux context. | ||
---|---|---|---|
Product: | [Community] Spacewalk | Reporter: | Neha <nerawat> |
Component: | Clients | Assignee: | Stephen Herr <sherr> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Red Hat Satellite QA List <satqe-list> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 2.1 | CC: | sashinde |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | rhncfg-5.10.71-1 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | 1003459 | Environment: | |
Last Closed: | 2015-04-14 19:03:38 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1003459 | ||
Bug Blocks: | 1069560, 1207293 |
Description
Neha
2014-06-27 05:00:59 UTC
I think I fixed it in wrong way. From GUI its chekcing for selinux status and passing blank value so always displays as difference exists. Ideally its should match with original value and should display correct results in respective of selinux is disabled or not. As per above fix we changed client code to make it compatible to GUI however it should be vice versa. I will submit patch for this. ~ Neha before fix-> rhncfg-client verify /root/t5 Using server name fqdn /root/t5 webUI: SELinux contexts differ: actual: [], expected: [root:object_r:user_home_t] After fix-> rhncfg-client verify /root/t5 Using server name <fqdn> selinux /root/t5 webUI: SELinux contexts differ: actual: [], expected: [root:object_r:user_home_t] However orginal context is same as defined in satellite config file, but its always passing context value as blank because selinux is diabled. SO i think here no need to check weather selinux is disabled or not. It should display correct comparison results ls -lZ /root/t5 ----------. root root root:object_r:user_home_t /root/t5 There can be two conditions: 1] Either display correct comapre results 2] Dont compare context if selinux is disabled Please let me know your views on this. I have submitted pull request for first one: https://github.com/spacewalkproject/spacewalk/pull/109 ~ Neha According to current pull request: If difference exists: rhncfg-client verify /root/t5 Using server name fqdn selinux /root/t5 SELinux contexts differ: actual: [root:object_r:user_home_t], expected: [root:object_r:user_home] If not: rhncfg-client verify /root/t5 Using server name fqdn /root/t5 No differences Hi Neha, After investigating I agree with you, we "fixed" this inconsistancy the wrong way in Bug 1003459. The correct thing to do is to always display and diff the file's SELinux context, regardless of if SELinux is disabled or not. The 'rhncfg-client verify' had the correct behavior before, the webui did not. What we did was make the client do the same thing the webui was doing, but we need to do it the other way around. Committing your pull request to Spacewalk master: 7fb7a83b43819e76d983cdae971dd6a40f1743e2 In order to make this work really well I'm fixing it in another place and ensuring that the webui won't show diffs as existing when they do not: 034643136cbef349ab9517f5cb84f0148cbeb345 See https://bugzilla.redhat.com/show_bug.cgi?id=644985#c6 for where this behavior originated. However in the interim things have been fixed the correct way, ie rhncfg-manager channel-download now correctly sets the SELinux contexts, so this work-around is no longer necessary. Moving bugs to ON_QA as we move to release Spacewalk 2.3 Spacewalk 2.3 has been released. See https://fedorahosted.org/spacewalk/wiki/ReleaseNotes23 |