Bug 1224639

Summary: 'glusterd.socket' file created by rpm scriptlet is not cleaned-up properly post installation
Product: [Red Hat Storage] Red Hat Gluster Storage Reporter: Prasanth <pprakash>
Component: glusterdAssignee: Anand Nekkunti <anekkunt>
Status: CLOSED ERRATA QA Contact: Prasanth <pprakash>
Severity: high Docs Contact:
Priority: high    
Version: rhgs-3.1CC: amukherj, anekkunt, asrivast, kaushal, kparthas, nlevinki, nsathyan, pprakash, sasundar, vagarwal, vbellur
Target Milestone: ---   
Target Release: RHGS 3.1.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: glusterfs-3.7.1-1 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-07-29 04:52:51 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1202842, 1210404, 1214253, 1214258, 1223636, 1228109    

Description Prasanth 2015-05-25 08:38:38 UTC 
Description of problem:

'glusterd.socket' file created by rpm scriptlet is not cleaned-up properly post installation

Version-Release number of selected component (if applicable):
glusterfs-fuse-3.7.0-2.el6rhs.x86_64
glusterfs-libs-3.7.0-2.el6rhs.x86_64
glusterfs-client-xlators-3.7.0-2.el6rhs.x86_64
glusterfs-api-3.7.0-2.el6rhs.x86_64
glusterfs-3.7.0-2.el6rhs.x86_64
glusterfs-cli-3.7.0-2.el6rhs.x86_64
glusterfs-server-3.7.0-2.el6rhs.x86_64


How reproducible: Always


Steps to Reproduce:
1. Install the RHGS 3.1 build 2
  # yum install glusterfs-server

Actual results:
AFAIK, the 'glusterd.socket' file is first created by rpm scriptlet as part of a start and stop operation done in the post upgrade script to re-generate the configuration files. During the process it gets a wrong label of "var_run_t" as we don't have filename transition rules in RHEL-6. However, as this file is not cleaned after the installation, the write access and unlink access required on the sock_file '/var/run/glusterd.socket' while manually starting 'glusterd' for the first time is prevented by SELinux. This is identified as the reason for the 2 SELinux bugs [1] and [2].

[1] https://bugzilla.redhat.com/show_bug.cgi?id=1214253

[2] https://bugzilla.redhat.com/show_bug.cgi?id=1214258

So doing a proper clean as part of post upgrade section of rpm installation is required to avoid issues like this.


Expected results: Any temporary files created as part of the rpm installation should be removed post installation. As part of that, 'glusterd.socket; should also get removed.


Additional info:

#####
[root@dhcp42-246 run]# /etc/init.d/glusterd status
glusterd is stopped

[root@dhcp42-246 run]# ls -lZ glusterd.socket 
srwxr-xr-x. root root unconfined_u:object_r:var_run_t:s0 glusterd.socket

[root@dhcp42-246 run]# /etc/init.d/glusterd start
Starting glusterd:                                         [  OK  ]

[root@dhcp42-246 run]# ls -lZ glusterd.socket 
srwxr-xr-x. root root unconfined_u:object_r:glusterd_var_run_t:s0 glusterd.socket

[root@dhcp42-246 run]# /etc/init.d/glusterd status
glusterd (pid  5278) is running...
#####
Comment 2 Prasanth 2015-06-22 07:42:45 UTC 
Verified as fixed in glusterfs-3.7.1-4.el6rhs.x86_64

#####
[root@dhcp43-61 run]# /etc/init.d/glusterd status
glusterd is stopped

[root@dhcp43-61 run]# pwd
/var/run

[root@dhcp43-61 run]# ls -lZ glusterd.socket
ls: cannot access glusterd.socket: No such file or directory

[root@dhcp43-61 run]# /etc/init.d/glusterd start
Starting glusterd:                                         [  OK  ]

[root@dhcp43-61 run]#  ls -lZ glusterd.socket 
srwxr-xr-x. root root unconfined_u:object_r:glusterd_var_run_t:s0 glusterd.socket

[root@dhcp43-61 run]# /etc/init.d/glusterd status
glusterd (pid  2284) is running...
#####
Comment 5 errata-xmlrpc 2015-07-29 04:52:51 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2015-1495.html