Bug 1382211

Summary: docker-selinux segmentation fault
Product: [Fedora] Fedora Reporter: Subhendu Ghosh <sghosh>
Component: policycoreutilsAssignee: Petr Lautrbach <plautrba>
Status: CLOSED NOTABUG QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 24CC: adimania, admiller, amurdaca, dwalsh, ichavero, jcajka, jchaloup, lsm5, marianne, mgrepl, miminar, nalin, plautrba, pmoore, riek, sghosh, vbatts, vmojzis
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-10-06 12:34:34 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Subhendu Ghosh 2016-10-06 01:04:19 UTC 
Description of problem:

Installing docker and cockpit-docker via "dnf install cockpit-docker"
RPM transaction logs an segmentation fault for selinux policy installation

Version-Release number of selected component (if applicable):
docker-selinux-2:1.10.3-52.git8b7fa4a.fc24.x86_64  

How reproducible:

Not sure

Steps to Reproduce:
1. Install docker-selinux rpm 
2.
3.

Actual results:
# dnf install cockpit-docker
Last metadata expiration check: 0:01:11 ago on Wed Oct  5 20:54:25 2016.
Dependencies resolved.
==========================================================================================
 Package                   Arch       Version                           Repository   Size
==========================================================================================
Installing:
 cockpit-docker            x86_64     0.117-1.fc24                      updates     119 k
 docker                    x86_64     2:1.10.3-52.git8b7fa4a.fc24       updates     6.7 M
 docker-selinux            x86_64     2:1.10.3-52.git8b7fa4a.fc24       updates      76 k
 docker-v1.10-migrator     x86_64     2:1.10.3-52.git8b7fa4a.fc24       updates     1.9 M
 libmicrohttpd             x86_64     0.9.46-2.fc24                     fedora       66 k
 oci-register-machine      x86_64     0-1.1.git7d4ce65.fc24             fedora      925 k
 oci-systemd-hook          x86_64     0.1.4-1.fc24                      fedora       30 k
 python                    x86_64     2.7.12-6.fc24                     updates      96 k
 python-libs               x86_64     2.7.12-6.fc24                     updates     5.8 M
 python-pip                noarch     8.0.2-1.fc24                      fedora      1.7 M
 python2-setuptools        noarch     20.1.1-1.fc24                     fedora      417 k
 systemd-container         x86_64     229-8.fc24                        fedora      997 k

Transaction Summary
==========================================================================================
Install  12 Packages

Total download size: 19 M
Installed size: 76 M
Is this ok [y/N]: y
Downloading Packages:
(1/12): cockpit-docker-0.117-1.fc24.x86_64.rpm            555 kB/s | 119 kB     00:00    
(2/12): docker-selinux-1.10.3-52.git8b7fa4a.fc24.x86_64.r 330 kB/s |  76 kB     00:00    
(3/12): python-2.7.12-6.fc24.x86_64.rpm                   4.5 MB/s |  96 kB     00:00    
(4/12): python2-setuptools-20.1.1-1.fc24.noarch.rpm       8.3 MB/s | 417 kB     00:00    
(5/12): python-pip-8.0.2-1.fc24.noarch.rpm                5.9 MB/s | 1.7 MB     00:00    
(6/12): docker-v1.10-migrator-1.10.3-52.git8b7fa4a.fc24.x 6.3 MB/s | 1.9 MB     00:00    
(7/12): oci-register-machine-0-1.1.git7d4ce65.fc24.x86_64 5.5 MB/s | 925 kB     00:00    
(8/12): docker-1.10.3-52.git8b7fa4a.fc24.x86_64.rpm       6.4 MB/s | 6.7 MB     00:01    
(9/12): oci-systemd-hook-0.1.4-1.fc24.x86_64.rpm          386 kB/s |  30 kB     00:00    
(10/12): python-libs-2.7.12-6.fc24.x86_64.rpm             7.2 MB/s | 5.8 MB     00:00    
(11/12): libmicrohttpd-0.9.46-2.fc24.x86_64.rpm           1.2 MB/s |  66 kB     00:00    
(12/12): systemd-container-229-8.fc24.x86_64.rpm          9.8 MB/s | 997 kB     00:00    
------------------------------------------------------------------------------------------
Total                                                     7.8 MB/s |  19 MB     00:02     
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Installing  : libmicrohttpd-0.9.46-2.fc24.x86_64                                   1/12 
  Installing  : systemd-container-229-8.fc24.x86_64                                  2/12 
  Installing  : docker-v1.10-migrator-2:1.10.3-52.git8b7fa4a.fc24.x86_64             3/12 
  Installing  : python-libs-2.7.12-6.fc24.x86_64                                     4/12 
  Installing  : python-pip-8.0.2-1.fc24.noarch                                       5/12 
  Installing  : python2-setuptools-20.1.1-1.fc24.noarch                              6/12 
  Installing  : python-2.7.12-6.fc24.x86_64                                          7/12 
  Installing  : docker-selinux-2:1.10.3-52.git8b7fa4a.fc24.x86_64                    8/12 
/var/tmp/rpm-tmp.xZRJxp: line 6:  4251 Segmentation fault      (core dumped) /usr/sbin/semodule -n -s targeted -i $MODULES
  Installing  : docker-2:1.10.3-52.git8b7fa4a.fc24.x86_64                            9/12 
  Installing  : cockpit-docker-0.117-1.fc24.x86_64                                  10/12 
  Installing  : oci-register-machine-0-1.1.git7d4ce65.fc24.x86_64                   11/12 
  Installing  : oci-systemd-hook-0.1.4-1.fc24.x86_64                                12/12 
  Verifying   : cockpit-docker-0.117-1.fc24.x86_64                                   1/12 
  Verifying   : docker-2:1.10.3-52.git8b7fa4a.fc24.x86_64                            2/12 
  Verifying   : docker-selinux-2:1.10.3-52.git8b7fa4a.fc24.x86_64                    3/12 
  Verifying   : python-2.7.12-6.fc24.x86_64                                          4/12 
  Verifying   : python-pip-8.0.2-1.fc24.noarch                                       5/12 
  Verifying   : python2-setuptools-20.1.1-1.fc24.noarch                              6/12 
  Verifying   : python-libs-2.7.12-6.fc24.x86_64                                     7/12 
  Verifying   : docker-v1.10-migrator-2:1.10.3-52.git8b7fa4a.fc24.x86_64             8/12 
  Verifying   : oci-register-machine-0-1.1.git7d4ce65.fc24.x86_64                    9/12 
  Verifying   : oci-systemd-hook-0.1.4-1.fc24.x86_64                                10/12 
  Verifying   : systemd-container-229-8.fc24.x86_64                                 11/12 
  Verifying   : libmicrohttpd-0.9.46-2.fc24.x86_64                                  12/12 

Installed:
  cockpit-docker.x86_64 0.117-1.fc24                                                      
  docker.x86_64 2:1.10.3-52.git8b7fa4a.fc24                                               
  docker-selinux.x86_64 2:1.10.3-52.git8b7fa4a.fc24                                       
  docker-v1.10-migrator.x86_64 2:1.10.3-52.git8b7fa4a.fc24                                
  libmicrohttpd.x86_64 0.9.46-2.fc24                                                      
  oci-register-machine.x86_64 0-1.1.git7d4ce65.fc24                                       
  oci-systemd-hook.x86_64 0.1.4-1.fc24                                                    
  python.x86_64 2.7.12-6.fc24                                                             
  python-libs.x86_64 2.7.12-6.fc24                                                        
  python-pip.noarch 8.0.2-1.fc24                                                          
  python2-setuptools.noarch 20.1.1-1.fc24                                                 
  systemd-container.x86_64 229-8.fc24                                                     

Complete!


Expected results:


Additional info:

Why is systemd-container getting installed on the host?
Comment 1 Daniel Walsh 2016-10-06 01:54:45 UTC 
If you reinstall docker-selinux does it succeed?  

systemd-container is not the one you are thinking of .

rpm -q systemd-container
...
 Systemd tools to spawn and manage containers and virtual machines.

This package contains systemd-nspawn, machinectl, systemd-machined,
and systemd-importd.

oci-register-machine requires it.
Comment 2 Petr Lautrbach 2016-10-06 07:25:27 UTC 
> /var/tmp/rpm-tmp.xZRJxp: line 6:  4251 Segmentation fault      (core dumped) /usr/sbin/semodule -n -s targeted -i $MODULES

Do you have the coredump?  Are you able to reproduce it with the latest Rawhide and container-selinux ?
Comment 3 Subhendu Ghosh 2016-10-06 12:34:34 UTC 
I don't have the core file - sorry.

dnf itself was segfaulting
ran "restorecon -vR /"
(SELinux enforcing mode)
 - got a bunch of relabel warnings on the rpm directories
ran " dnf reinstall docker-selinux"

No errors this time around.

Looks like an earlier selinux policy transaction error had borked the filesystem labels.

All good now.