Bug 1879849

Summary:	Permission denied errors in octavia's driver-agent.log when selinux in enforcing mode
Product:	Red Hat OpenStack	Reporter:	Sandeep Yadav <sandyada>
Component:	openstack-octavia	Assignee:	Brent Eagles <beagles>
Status:	CLOSED CURRENTRELEASE	QA Contact:	Bruna Bonguardo <bbonguar>
Severity:	high	Docs Contact:
Priority:	high
Version:	16.2 (Train)	CC:	ihrachys, lpeer, majopela, michjohn, scohen
Target Milestone:	z2	Keywords:	Triaged
Target Release:	16.2 (Train on RHEL 8.4)
Hardware:	x86_64
OS:	Linux
Whiteboard:
Fixed In Version:		Doc Type:	If docs needed, set a value
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:	2022-05-10 14:29:27 UTC	Type:	Bug
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:

Description Sandeep Yadav 2020-09-17 07:23:34 UTC

Description of problem:

Permission denied errors in octavia's driver-agent.log when selinux in enforcing mode.

~~~
2020-09-17 06:07:42.902 15 ERROR octavia.cmd.driver_agent [-] status_listener raised exception: [Errno 13] Permission denied. Restarting status_listener.: PermissionError: [Errno 13] Permission denied
2020-09-17 06:07:42.902 15 ERROR octavia.cmd.driver_agent Traceback (most recent call last):
2020-09-17 06:07:42.902 15 ERROR octavia.cmd.driver_agent   File "/usr/lib/python3.6/site-packages/octavia/cmd/driver_agent.py", line 65, in _process_wrapper
2020-09-17 06:07:42.902 15 ERROR octavia.cmd.driver_agent     function(exit_event)
2020-09-17 06:07:42.902 15 ERROR octavia.cmd.driver_agent   File "/usr/lib/python3.6/site-packages/octavia/api/drivers/driver_agent/driver_listener.py", line 118, in status_listener
2020-09-17 06:07:42.902 15 ERROR octavia.cmd.driver_agent     StatusRequestHandler)
2020-09-17 06:07:42.902 15 ERROR octavia.cmd.driver_agent   File "/usr/lib64/python3.6/socketserver.py", line 456, in __init__
2020-09-17 06:07:42.902 15 ERROR octavia.cmd.driver_agent     self.server_bind()
2020-09-17 06:07:42.902 15 ERROR octavia.cmd.driver_agent   File "/usr/lib64/python3.6/socketserver.py", line 470, in server_bind
2020-09-17 06:07:42.902 15 ERROR octavia.cmd.driver_agent     self.socket.bind(self.server_address)
2020-09-17 06:07:42.902 15 ERROR octavia.cmd.driver_agent PermissionError: [Errno 13] Permission denied
~~~

When we turn selinux in permissive mode it start working.


Version-Release number of selected component (if applicable):

16.2 


How reproducible:

Everytime


Steps to Reproduce:
1. Deploy tripleo-ci scenario10 with selinux in enforcing mode.


Actual results:

Permission denied errors in octavia's driver-agent.log:-

~~~
ERROR octavia.cmd.driver_agent PermissionError: [Errno 13] Permission denied
~~~

Expected results:

We should not see Permission denied issue even when selinux is in enforcing mode.


Additional info: