Bug 1466410
Summary: | M->N upgrade causes losing ssh access to undercloud | ||
---|---|---|---|
Product: | Red Hat OpenStack | Reporter: | Yolanda Robla <yroblamo> |
Component: | instack-undercloud | Assignee: | Sofer Athlan-Guyot <sathlang> |
Status: | CLOSED ERRATA | QA Contact: | Amit Ugol <augol> |
Severity: | medium | Docs Contact: | |
Priority: | high | ||
Version: | 10.0 (Newton) | CC: | atelang, ccamacho, jamsmith, jschluet, lbezdick, mbultel, mburns, mcornea, rhel-osp-director-maint, sathlang, slinaber |
Target Milestone: | z11 | Keywords: | TestOnly, Triaged, ZStream |
Target Release: | 10.0 (Newton) | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | instack-undercloud-5.3.7-7.el7ost | Doc Type: | Bug Fix |
Doc Text: |
This update corrects a selinux permissions error that caused loss of ssh access after upgrading from a non-selinux undercloud.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2019-04-30 16:58:51 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Yolanda Robla
2017-06-29 14:16:47 UTC
To clarify, i come from previous versions, upgrading from 8->9 then 9->10. When i upgrade to 9, i see that the authorized_keys is also labeled incorrectly, with system_u:object_r:unlabeled_t:s0 . But it works, because selinux in 9 is set to Permissive. When going to 10, it's set to Enforcing, and this bad labeling is causing to loose access. All the fixes are in place and they are so old that fixes should be available from the imports. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2019:0921 |