Bug 1210557
Summary: | gluster peer probe with selinux enabled throws error | ||
---|---|---|---|
Product: | [Community] GlusterFS | Reporter: | Bhaskarakiran <byarlaga> |
Component: | glusterd | Assignee: | Kaushal <kaushal> |
Status: | CLOSED NOTABUG | QA Contact: | |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | mainline | CC: | amukherj, bugs, byarlaga, gluster-bugs, kaushal, mzywusko, pkarampu, sasundar, sgraf |
Target Milestone: | --- | Keywords: | Triaged |
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2015-04-14 17:09:18 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 1186580 |
Description
Bhaskarakiran
2015-04-10 05:12:11 UTC
Have you ensured that no additional firewall settings are there. Is ping to the new server responding ? I have flushed the iptables and ping is working.. [root@transformers glusterfs]# ping ninja PING ninja.lab.eng.blr.redhat.com (10.70.34.68) 56(84) bytes of data. 64 bytes from ninja.lab.eng.blr.redhat.com (10.70.34.68): icmp_seq=1 ttl=64 time=0.435 ms 64 bytes from ninja.lab.eng.blr.redhat.com (10.70.34.68): icmp_seq=2 ttl=64 time=0.206 ms ^C --- ninja.lab.eng.blr.redhat.com ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1558ms rtt min/avg/max/mdev = 0.206/0.320/0.435/0.115 ms [root@transformers glusterfs]# iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination [root@transformers glusterfs]# [root@ninja ~]# iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination [root@ninja ~]# ping transformers PING transformers.lab.eng.blr.redhat.com (10.70.34.44) 56(84) bytes of data. 64 bytes from transformers.lab.eng.blr.redhat.com (10.70.34.44): icmp_seq=1 ttl=64 time=0.230 ms 64 bytes from transformers.lab.eng.blr.redhat.com (10.70.34.44): icmp_seq=2 ttl=64 time=0.174 ms ^C --- transformers.lab.eng.blr.redhat.com ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1726ms rtt min/avg/max/mdev = 0.174/0.202/0.230/0.028 ms [root@ninja ~]# Solving problems arising due to SELinux almost always mean writing a correct SELinux policy. As far as I understand, writing SELinux policies for a package is done by the distribution shipping the package. Fedora, CentOS (atleast CentOS7) and RHEL 7 ship a GlusterD policy (/etc/selinux/targeted/modules/active/modules/glusterd.pp) in their selinux-policy-targetted package. I also checked with RHEL-6.6, which also contains apparently has the policy file, but is not owned by any package (we need to find how it got there, but that is another problem in itself). Which distribution and GlusterFS package are you using? As I understand, QE testing for RHS-3.1 is being done on RHEL-6.6 and RHEL-7.1. Can you check if you have the above mentioned policy file on your systems? If you do have it, can you attempt do a SELinux relabeling and check if that solves your issue. In any case this is not an issue with GlusterFS itself. I recommend closing this bug. I'll wait for the answers to my questions above before closing. Distribution : RHEl 6.6 Gluster version : glusterfs 3.7dev built on Apr 9 2015 01:10:22 The file do exist and i tried relabelling with fixfiles but doesn't solve the problem. Bhaskarakiran, I am using RHEL 6.6 with glusterfs-3.7 nightly builds and I am not seeing any such problems. Could you explain further on how did you eneded up with this problem as selinux issue ? And provide some info on the setup related information - Is it the RHEL 6.6 you installed from ISO ? Installed RHEL6.6 through pxe. Did a rebelling with fixfiles and rebooted the machine. I am able to probe on server but now on the other it gives a different error : [root@vertigo modules]# gluster peer probe transformers peer probe: failed: Error through RPC layer, retry again later [root@vertigo modules]# gluster peer probe transformers peer probe: failed: Error through RPC layer, retry again later [root@vertigo modules]# With my last chat with Bhaskarakiran, he says everything worked well after restarting glusterd on that node. I suppose this is not a problem with selinux in any means, as I am using the setup of RHEL 6.6 machines + glusterfs-3.7 nightly builds, with selinux enabled and I don't see this problem This is not a bug really caused by selinux and closing the bug |