Bug 801184

Summary: Error messages when installing selinux RPM after its already been installed
Product: [Retired] Pulp Reporter: Jay Dobies <jason.dobies>
Component: z_otherAssignee: John Matthews <jmatthew>
Status: CLOSED CURRENTRELEASE QA Contact: Preethi Thomas <pthomas>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 1.1.0CC: jortel, tsanders
Target Milestone: ---Keywords: Triaged
Target Release: Sprint 34   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-05-25 14:15:08 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jay Dobies 2012-03-07 21:10:34 UTC 
I uninstalled the selinux RPM and on reinstall I saw:

Non-fatal POSTIN scriptlet failure in rpm package pulp-selinux-server-0.0.271-1.git.24.7e9da08.fc16.noarch
Enabling port 5674 for qpidd
/usr/sbin/semanage: Port tcp/5674 already defined
/usr/sbin/semanage: Port udp/5674 already defined
warning: %post(pulp-selinux-server-0.0.271-1.git.24.7e9da08.fc16.noarch) scriptlet failed, exit status 1

It looks like the uninstall isn't properly removing all of the applied rules, but I might be wrong. Need to investigate if this is an issue and if not, if we can silence the scary messages during the reinstall.
Comment 1 John Matthews 2012-03-12 17:11:59 UTC 
For more info see bz 795602

We are following a similar approach in Pulp where we check to see if a SELinux rule exists for amqp_t UDP/TCP 5674, if the rule has not been defined we add it, otherwise we skip it.
Comment 2 John Matthews 2012-03-12 21:06:09 UTC 
Addressed in commit:

http://git.fedorahosted.org/git/?p=pulp.git;a=commitdiff;h=0cd4ef245f3be0f0bb9f2d09cacac93e42d2fbc8
Comment 3 Jeff Ortel 2012-03-14 13:38:35 UTC 
build: 1.0.0-5
Comment 4 Preethi Thomas 2012-03-14 14:52:24 UTC 
[root@pulp-v1-server ~]# rpm -q pulp
pulp-1.0.0-5.el6.noarch
[root@pulp-v1-server ~]# 

[root@pulp-v1-server ~]# yum remove pulp*
Loaded plugins: product-id, security, subscription-manager
Updating certificate-based repositories.
Setting up Remove Process
Resolving Dependencies
--> Running transaction check
---> Package pulp.noarch 0:1.0.0-2.el6 will be erased
---> Package pulp-common.noarch 0:1.0.0-2.el6 will be erased
---> Package pulp-selinux-server.noarch 0:1.0.0-2.el6 will be erased
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
 Package                 Arch       Version           Repository           Size
================================================================================
Removing:
 pulp                    noarch     1.0.0-2.el6       @pulp-v1-stable     3.2 M
 pulp-common             noarch     1.0.0-2.el6       @pulp-v1-stable      78 k
 pulp-selinux-server     noarch     1.0.0-2.el6       @pulp-v1-stable     126 k

Transaction Summary
================================================================================
Remove        3 Package(s)

Installed size: 3.4 M
Is this ok [y/N]: y
Downloading Packages:
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction

  Erasing    : pulp-1.0.0-2.el6.noarch                                      1/3 
  Erasing    : pulp-common-1.0.0-2.el6.noarch                               2/3 
  Erasing    : pulp-selinux-server-1.0.0-2.el6.noarch                       3/3 
Installed products updated.

Removed:
  pulp.noarch 0:1.0.0-2.el6                  pulp-common.noarch 0:1.0.0-2.el6  
  pulp-selinux-server.noarch 0:1.0.0-2.el6  

Complete!
[root@pulp-v1-server ~]# 
[root@pulp-v1-server ~]# semanage port -l | grep amqp_port_t | grep tcp | grep 5674
amqp_port_t                    tcp      5674, 5671, 5672
[root@pulp-v1-server ~]# semanage port -l | grep amqp_port_t | grep udp | grep 5674
amqp_port_t                    udp      5674, 5671, 5672
[root@pulp-v1-server ~]# 
[root@pulp-v1-server ~]# 
[root@pulp-v1-server ~]# vi /etc/yum.repos.d/rhel-pulp.repo 
[root@pulp-v1-server ~]# 
[root@pulp-v1-server ~]# 
[root@pulp-v1-server ~]# 
[root@pulp-v1-server ~]# yum cleanall
Loaded plugins: product-id, security, subscription-manager
Updating certificate-based repositories.
No such command: cleanall. Please use /usr/bin/yum --help
[root@pulp-v1-server ~]# yum clean all
Loaded plugins: product-id, security, subscription-manager
Updating certificate-based repositories.
Cleaning repos: epel pulp-v1-testing rhel6
Cleaning up Everything
[root@pulp-v1-server ~]# yum install pulp
Loaded plugins: product-id, security, subscription-manager
Updating certificate-based repositories.
epel/metalink                                            | 9.4 kB     00:00     
epel                                                     | 4.0 kB     00:00     
epel/primary_db                                          | 4.2 MB     00:07     
pulp-v1-testing                                          | 1.3 kB     00:00     
pulp-v1-testing/primary                                  | 6.6 kB     00:00     
pulp-v1-testing                                                           21/21
rhel6                                                    | 4.0 kB     00:00     
rhel6/primary_db                                         | 3.1 MB     00:01     
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package pulp.noarch 0:1.0.0-5.el6 will be installed
--> Processing Dependency: pulp-selinux-server = 1.0.0 for package: pulp-1.0.0-5.el6.noarch
--> Processing Dependency: pulp-common = 1.0.0 for package: pulp-1.0.0-5.el6.noarch
--> Running transaction check
---> Package pulp-common.noarch 0:1.0.0-5.el6 will be installed
---> Package pulp-selinux-server.noarch 0:1.0.0-5.el6 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
 Package                 Arch       Version           Repository           Size
================================================================================
Installing:
 pulp                    noarch     1.0.0-5.el6       pulp-v1-testing     713 k
Installing for dependencies:
 pulp-common             noarch     1.0.0-5.el6       pulp-v1-testing      48 k
 pulp-selinux-server     noarch     1.0.0-5.el6       pulp-v1-testing      40 k

Transaction Summary
================================================================================
Install       3 Package(s)

Total download size: 801 k
Installed size: 3.3 M
Is this ok [y/N]: y
Downloading Packages:
(1/3): pulp-1.0.0-5.el6.noarch.rpm                       | 713 kB     00:01     
(2/3): pulp-common-1.0.0-5.el6.noarch.rpm                |  48 kB     00:00     
(3/3): pulp-selinux-server-1.0.0-5.el6.noarch.rpm        |  40 kB     00:00     
--------------------------------------------------------------------------------
Total                                           237 kB/s | 801 kB     00:03     
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing : pulp-selinux-server-1.0.0-5.el6.noarch                       1/3 
  Installing : pulp-common-1.0.0-5.el6.noarch                               2/3 
  Installing : pulp-1.0.0-5.el6.noarch                                      3/3 
Installed products updated.

Installed:
  pulp.noarch 0:1.0.0-5.el6                                                     

Dependency Installed:
  pulp-common.noarch 0:1.0.0-5.el6   pulp-selinux-server.noarch 0:1.0.0-5.el6  

Complete!
[root@pulp-v1-server ~]# semanage port -l | grep amqp_port_t | grep tcp | grep 5674
amqp_port_t                    tcp      5674, 5671, 5672
[root@pulp-v1-server ~]# semanage port -l | grep amqp_port_t | grep udp | grep 5674
amqp_port_t                    udp      5674, 5671, 5672
Comment 5 Preethi Thomas 2012-05-25 14:15:08 UTC 
Pulp v1.1 Release