Bug 1652496

Summary:	[OSP12] failed to install undercloud - "ovsdb-server: failed to create temporary file (No such file or directory)" if we mount /tmp with noexec
Product:	Red Hat OpenStack	Reporter:	Artem Hrechanychenko <ahrechan>
Component:	openvswitch	Assignee:	Timothy Redaelli <tredaelli>
Status:	CLOSED EOL	QA Contact:	Roee Agiman <ragiman>
Severity:	high	Docs Contact:
Priority:	high
Version:	12.0 (Pike)	CC:	ahrechan, apevec, chrisw, fleitner, rhos-maint, tredaelli
Target Milestone:	---	Keywords:	ZStream
Target Release:	---
Hardware:	x86_64
OS:	Linux
Whiteboard:
Fixed In Version:		Doc Type:	If docs needed, set a value
Doc Text:		Story Points:	---
Clone Of:
Clones:	1661636 (view as bug list)		Environment:
Last Closed:	2018-12-14 11:45:01 UTC	Type:	Bug
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:
Bug Depends On:	1636295
Bug Blocks:	1661636

Description Artem Hrechanychenko 2018-11-22 09:12:38 UTC

Description of problem:
During verification of https://bugzilla.redhat.com/show_bug.cgi?id=1636295:
 I before undercloud installation I edited fstab and remount /tmp with options:
echo "tmpfs /tmp tmpfs mode=1777,nosuid,nodev,noexec 0 0" | sudo tee -a /etc/fstab 
mount /tmp

and started undercloud installation:
http://pastebin.test.redhat.com/670562


from logs - 
Nov 21 11:31:45 undercloud-0.redhat.local ovs-ctl[13601]: + set ovsdb-server /etc/openvswitch/conf.db -vconsole:emer -vsyslog:err -vfile:info --remote=punix:/var/run/openvswitch/db.sock --private-key=db:Open_vSwitch,SSL,private_key --certificate=db:Open_vSwitch,SSL,certificate --bootstrap-ca-cert=db:Open_vSwitch,SSL,ca_cert --user openvswitch:hugetlbfs --no-chdir --log-file=/va
Nov 21 11:31:45 undercloud-0.redhat.local ovs-ctl[13601]: + install_dir /var/run/openvswitch
Nov 21 11:31:45 undercloud-0.redhat.local ovs-ctl[13601]: + DIR=/var/run/openvswitch
Nov 21 11:31:45 undercloud-0.redhat.local ovs-ctl[13601]: + INSTALL_MODE=755
Nov 21 11:31:45 undercloud-0.redhat.local ovs-ctl[13601]: + INSTALL_USER=root
Nov 21 11:31:45 undercloud-0.redhat.local ovs-ctl[13601]: + INSTALL_GROUP=root
Nov 21 11:31:45 undercloud-0.redhat.local ovs-ctl[13601]: + '[' openvswitch:hugetlbfs '!=' '' ']'
Nov 21 11:31:45 undercloud-0.redhat.local ovs-ctl[13601]: + INSTALL_USER=openvswitch
Nov 21 11:31:45 undercloud-0.redhat.local ovs-ctl[13601]: + '[' hugetlbfs '!=' '' ']'
Nov 21 11:31:45 undercloud-0.redhat.local ovs-ctl[13601]: + INSTALL_GROUP=hugetlbfs
Nov 21 11:31:45 undercloud-0.redhat.local ovs-ctl[13601]: + whoami
Nov 21 11:31:45 undercloud-0.redhat.local ovs-ctl[13601]: root
Nov 21 11:31:45 undercloud-0.redhat.local ovs-ctl[13601]: + echo 'install -d -m "755" -o "openvswitch" -g "hugetlbfs" "/var/run/openvswitch"'
Nov 21 11:31:45 undercloud-0.redhat.local ovs-ctl[13601]: install -d -m "755" -o "openvswitch" -g "hugetlbfs" "/var/run/openvswitch"
Nov 21 11:31:45 undercloud-0.redhat.local ovs-ctl[13601]: + ls -la /var/run/openvswitch
Nov 21 11:31:45 undercloud-0.redhat.local ovs-ctl[13601]: total 4
Nov 21 11:31:45 undercloud-0.redhat.local ovs-ctl[13601]: drwxr-xr-x.  2 openvswitch hugetlbfs  60 Nov 21 11:31 .
Nov 21 11:31:45 undercloud-0.redhat.local ovs-ctl[13601]: drwxr-xr-x. 29 root        root      980 Nov 21 11:31 ..
Nov 21 11:31:45 undercloud-0.redhat.local ovs-ctl[13601]: -rw-r--r--.  1 root        root       41 Nov 21 11:31 useropts
Nov 21 11:31:45 undercloud-0.redhat.local ovs-ctl[13601]: + test '!' -d /var/run/openvswitch
Nov 21 11:31:45 undercloud-0.redhat.local ovs-ctl[13601]: + set ovsdb-server /etc/openvswitch/conf.db -vconsole:emer -vsyslog:err -vfile:info --remote=punix:/var/run/openvswitch/db.sock --private-key=db:Open_vSwitch,SSL,private_key --certificate=db:Open_vSwitch,SSL,certificate --bootstrap-ca-cert=db:Open_vSwitch,SSL,ca_cert --user openvswitch:hugetlbfs --no-chdir --log-file=/va
Nov 21 11:31:45 undercloud-0.redhat.local ovs-ctl[13601]: + set ovsdb-server /etc/openvswitch/conf.db -vconsole:emer -vsyslog:err -vfile:info --remote=punix:/var/run/openvswitch/db.sock --private-key=db:Open_vSwitch,SSL,private_key --certificate=db:Open_vSwitch,SSL,certificate --bootstrap-ca-cert=db:Open_vSwitch,SSL,ca_cert --user openvswitch:hugetlbfs --no-chdir --log-file=/va
Nov 21 11:31:45 undercloud-0.redhat.local ovs-ctl[13601]: + test Xno = Xno
Nov 21 11:31:45 undercloud-0.redhat.local ovs-ctl[13601]: + case $wrapper in
Nov 21 11:31:45 undercloud-0.redhat.local ovs-ctl[13601]: + test X-10 '!=' X
Nov 21 11:31:45 undercloud-0.redhat.local ovs-ctl[13601]: + set nice -n -10 ovsdb-server /etc/openvswitch/conf.db -vconsole:emer -vsyslog:err -vfile:info --remote=punix:/var/run/openvswitch/db.sock --private-key=db:Open_vSwitch,SSL,private_key --certificate=db:Open_vSwitch,SSL,certificate --bootstrap-ca-cert=db:Open_vSwitch,SSL,ca_cert --user openvswitch:hugetlbfs --no-chdir --
Nov 21 11:31:45 undercloud-0.redhat.local ovs-ctl[13601]: + action 'Starting ovsdb-server' nice -n -10 ovsdb-server /etc/openvswitch/conf.db -vconsole:emer -vsyslog:err -vfile:info --remote=punix:/var/run/openvswitch/db.sock --private-key=db:Open_vSwitch,SSL,private_key --certificate=db:Open_vSwitch,SSL,certificate --bootstrap-ca-cert=db:Open_vSwitch,SSL,ca_cert --user openvswi
Nov 21 11:31:45 undercloud-0.redhat.local ovs-ctl[13601]: + local STRING rc
Nov 21 11:31:45 undercloud-0.redhat.local ovs-ctl[13601]: + STRING='Starting ovsdb-server'
Nov 21 11:31:45 undercloud-0.redhat.local ovs-ctl[13601]: + echo -n 'Starting ovsdb-server '
Nov 21 11:31:45 undercloud-0.redhat.local ovs-ctl[13601]: Starting ovsdb-server + shift
Nov 21 11:31:45 undercloud-0.redhat.local ovs-ctl[13601]: + nice -n -10 ovsdb-server /etc/openvswitch/conf.db -vconsole:emer -vsyslog:err -vfile:info --remote=punix:/var/run/openvswitch/db.sock --private-key=db:Open_vSwitch,SSL,private_key --certificate=db:Open_vSwitch,SSL,certificate --bootstrap-ca-cert=db:Open_vSwitch,SSL,ca_cert --user openvswitch:hugetlbfs --no-chdir --log-
Nov 21 11:31:45 undercloud-0.redhat.local ovs-ctl[13601]: ovsdb-server: failed to create temporary file (No such file or directory)

Version-Release number of selected component (if applicable):
instack-7.0.2-2.el7ost.noarch
instack-undercloud-7.4.12-3.el7ost.noarch
openvswitch-2.9.0-54.el7fdp.x86_64

How reproducible:
Always

Steps to Reproduce:
1.echo "tmpfs /tmp tmpfs mode=1777,nosuid,nodev,noexec 0 0" | sudo tee -a /etc/fstab 
mount /tmp
2.Run undercloud installation


Actual results:
installation failed due to openvswitch troubles 

Expected results:
Passed installation

Additional info:

Comment 1 Flavio Leitner 2018-12-06 18:51:30 UTC

Hi,

Could you please check if it works with SELinux disabled?

I reproduced here and disabling SELinux works. If that's your case, please provide the AVC messages. However, since this is not a standard installation (replacing /tmp with tmpfs), then I am not sure if we can include the policy in the standard package. Most probably we will close as CANTFIX.

Thanks,
fbl

Comment 2 Timothy Redaelli 2018-12-06 19:00:41 UTC

Hi,
with regard to Comment 1. If that's your case, can you try to fix the Selinux permission by following https://access.redhat.com/solutions/2109491?

Thank you