Bug 1810632
| Summary: | [IPv6]The master became not ready as the wrong selinux label on 40-mdns-hostname&30-resolv-prepender | ||
|---|---|---|---|
| Product: | OpenShift Container Platform | Reporter: | Anping Li <anli> |
| Component: | Machine Config Operator | Assignee: | Antonio Murdaca <amurdaca> |
| Status: | CLOSED DUPLICATE | QA Contact: | Michael Nguyen <mnguyen> |
| Severity: | urgent | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 4.3.0 | CC: | asegurap |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2020-03-05 16:44:47 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
*** This bug has been marked as a duplicate of bug 1807104 *** |
Description of problem: The master became not ready. Found two files /etc/NetworkManager/dispatcher.d/40-mdns-hostname and /etc/NetworkManager/dispatcher.d/30-resolv-prepender are created without selinux label. journalctl -u NetworkManager.service Mar 05 13:13:08 localhost dhclient[2905]: bound to 172.22.0.74 -- renewal in 1535 seconds. Mar 05 13:13:08 localhost NetworkManager[2824]: <warn> [1583413988.2264] dispatcher: (27) /etc/NetworkManager/dispatcher.d/30-resolv-prepender failed (exec failed): Failed to execute child process “/etc/Networ> Mar 05 13:13:08 localhost NetworkManager[2824]: <warn> [1583413988.2264] dispatcher: (27) /etc/NetworkManager/dispatcher.d/40-mdns-hostname failed (exec failed): Failed to execute child process “/etc/NetworkMa> Mar 05 13:35:26 localhost dhclient[2920]: PRC: Renewing lease on enp5s0. Mar 05 13:35:26 localhost dhclient[2920]: XMT: Renew on enp5s0, interval 9150ms. Mar 05 13:35:26 localhost dhclient[2920]: RCV: Reply message on enp5s0 from fe80::5054:ff:fee5:4e09. Mar 05 13:35:26 localhost NetworkManager[2824]: <info> [1583415326.7523] dhcp6 (enp5s0): valid_lft 3600 Mar 05 13:35:26 localhost NetworkManager[2824]: <info> [1583415326.7526] dhcp6 (enp5s0): preferred_lft 3600 Mar 05 13:35:26 localhost NetworkManager[2824]: <info> [1583415326.7526] dhcp6 (enp5s0): address fd2e:6f44:5dd8:c956::133 Mar 05 13:35:26 localhost NetworkManager[2824]: <info> [1583415326.7527] dhcp6 (enp5s0): nameserver 'fd2e:6f44:5dd8:c956::1' Mar 05 13:35:26 localhost NetworkManager[2824]: <info> [1583415326.7528] dhcp6 (enp5s0): state changed bound -> bound, event ID="00:b8:d5:5d|1583415326" Mar 05 13:35:26 localhost NetworkManager[2824]: <warn> [1583415326.7904] dispatcher: (28) /etc/NetworkManager/dispatcher.d/30-resolv-prepender failed (exec failed): Failed to execute child process “/etc/Networ> Mar 05 13:35:26 localhost NetworkManager[2824]: <warn> [1583415326.7905] dispatcher: (28) /etc/NetworkManager/dispatcher.d/40-mdns-hostname failed (exec failed): Failed to execute child process “/etc/NetworkMa> Mar 05 13:38:43 localhost dhclient[2905]: DHCPREQUEST on enp4s0 to 172.22.0.3 port 67 (xid=0x166e3548) Mar 05 13:38:43 localhost dhclient[2905]: DHCPACK from 172.22.0.3 (xid=0x166e3548) Mar 05 13:38:43 localhost NetworkManager[2824]: <info> [1583415523.2091] dhcp4 (enp4s0): address 172.22.0.74 Mar 05 13:38:43 localhost NetworkManager[2824]: <info> [1583415523.2094] dhcp4 (enp4s0): plen 24 (255.255.255.0) Mar 05 13:38:43 localhost NetworkManager[2824]: <info> [1583415523.2094] dhcp4 (enp4s0): lease time 3600 Mar 05 13:38:43 localhost NetworkManager[2824]: <info> [1583415523.2094] dhcp (enp4s0): domain search 'ocp-edge-cluster.qe.lab.redhat.com.' Mar 05 13:38:43 localhost NetworkManager[2824]: <info> [1583415523.2094] dhcp4 (enp4s0): state changed bound -> bound Mar 05 13:38:43 localhost dhclient[2905]: bound to 172.22.0.74 -- renewal in 1216 seconds. Mar 05 13:38:43 localhost NetworkManager[2824]: <warn> [1583415523.2496] dispatcher: (29) /etc/NetworkManager/dispatcher.d/ 30-resolv-prepender failed (exec failed): Failed to execute child process “/etc/Networ> Mar 05 13:38:43 localhost NetworkManager[2824]: <warn> [1583415523.2497] dispatcher: (29) /etc/NetworkManager/dispatcher.d/40-mdns-hostname failed (exec failed): Failed to execute child process “/etc/NetworkMa> ls -laZ /etc/NetworkManager/dispatcher.d/ -rwxr-xr-x. 1 root root system_u:object_r:tmp_t:s0 1061 Mar 5 09:08 30-resolv-prepender -rwxr-xr-x. 1 root root system_u:object_r:tmp_t:s0 392 Mar 5 09:08 40-mdns-hostname drwxr-xr-x. 2 root root system_u:object_r:NetworkManager_initrc_exec_t:s0 6 Mar 4 22:08 no-wait.d Version-Release number of selected component (if applicable): 4.3.0-0.nightly-2020-03-04-165955 How reproducible: Always 30-resolv-prepender system_u:object_r:tmp_t:s0 40-mdns-hostname system_u:object_r:tmp_t:s0 30-resolv-prepender system_u:object_r:tmp_t:s0 40-mdns-hostname system_u:object_r:tmp_t:s0Steps to Reproduce: 1. Deploy 4.3.5 on Baremetal and using IPv6. 2. Run some testing and Check the master status $ oc get nodes NAME STATUS ROLES AGE VERSION master-0.ocp-edge-cluster.qe.lab.redhat.com Ready master 15h v1.16.2 master-1.ocp-edge-cluster.qe.lab.redhat.com NotReady,SchedulingDisabled master 15h v1.16.2 master-2.ocp-edge-cluster.qe.lab.redhat.com Ready master 15h v1.16.2 worker-0.ocp-edge-cluster.qe.lab.redhat.com Ready worker 14h v1.16.2 worker-1.ocp-edge-cluster.qe.lab.redhat.com NotReady worker 14h v1.16.2 Actual results: master-1 not ready. The selinux label is wrong for files /etc/NetworkManager/dispatcher.d/40-mdns-hostname and etc/NetworkManager/dispatcher.d/30-resolv-prepender 30-resolv-prepender system_u:object_r:tmp_t:s0 40-mdns-hostname system_u:object_r:tmp_t:s0 Expected results: The selinux lable should be 30-resolv-prepender system_u:object_r:NetworkManager_initrc_exec_t:s0 40-mdns-hostname system_u:object_r:NetworkManager_initrc_exec_t:s0 Additional info: