Bug 1037917 - [nfslock&rpc.statd] service nfslock restart fail with: Opening /var/run/rpc.statd.pid failed: Permission denied
Summary: [nfslock&rpc.statd] service nfslock restart fail with: Opening /var/run/rpc.s...
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: selinux-policy
Version: 7.0
Hardware: All
OS: Linux
high
high
Target Milestone: rc
: ---
Assignee: Miroslav Grepl
QA Contact: BaseOS QE Security Team
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2013-12-04 04:13 UTC by JianHong Yin
Modified: 2014-02-18 01:20 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2014-02-18 01:19:28 UTC
Target Upstream Version:

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description JianHong Yin 2013-12-04 04:13:54 UTC 
Description of problem:
service nfslock restart fail. with err log: 
 Opening /var/run/rpc.statd.pid failed: Permission denied

Version-Release number of selected component (if applicable):
------------------------------------------------
TimeInfo  : 2013-12-03 22:40:46
CaseName  : /CoreOS/nfs-utils/commands/utils/rpc-statd
$HOSTNAME : dell-pr7610-01.lab.bos.redhat.com
DistroInfo: RedHatEnterpriseWorkstation 7.0 : RHEL-7.0-20131123.0
kernelInfo: Linux dell-pr7610-01.lab.bos.redhat.com 3.10.0-54.el7.x86_64 #1 SMP Thu Nov 21 15:34:15 EST 2013 x86_64 x86_64 x86_64 GNU/Linux
packageInfo
	libnfsidmap-0.25-7.el7.x86_64
	package libsss_idmap is not installed
	nfs-utils-1.2.9-0.3.el7.x86_64
------------------------------------------------

How reproducible:
100%

Steps to Reproduce:
1. rpc.statd -p 33445 && pkill rpc.statd
2. echo -e "STATDARG=\"-p 12345\"" >/etc/sysconfig/nfs
3. service_nfs restart && service nfslock restart


Actual results:
service nfslock restart fail, with log:
Dec  3 22:40:54 dell-pr7610-01 systemd: Starting NFS Mount Daemon...
Dec  3 22:40:54 dell-pr7610-01 rpc.mountd[10749]: Version 1.2.9 starting
Dec  3 22:40:54 dell-pr7610-01 systemd: Started NFS Mount Daemon.
Dec  3 22:40:54 dell-pr7610-01 systemd: Starting NFS Server...
Dec  3 22:40:54 dell-pr7610-01 kernel: [  105.407401] NFSD: starting 90-second grace period (net ffffffff8196d500)
Dec  3 22:40:55 dell-pr7610-01 systemd: Started NFS Server.
Dec  3 22:40:55 dell-pr7610-01 systemd: Starting NFSv4 ID-name mapping daemon...
Dec  3 22:40:55 dell-pr7610-01 systemd: Starting NFS Remote Quota Server...
Dec  3 22:40:55 dell-pr7610-01 systemd: Started NFSv4 ID-name mapping daemon.
Dec  3 22:40:55 dell-pr7610-01 systemd: Started NFS Remote Quota Server.
Dec  3 22:40:57 dell-pr7610-01 systemd: Starting NFS file locking service....
Dec  3 22:40:57 dell-pr7610-01 rpc.statd[10817]: Version 1.2.9 starting
Dec  3 22:40:57 dell-pr7610-01 rpc.statd[10817]: Opening /var/run/rpc.statd.pid failed: Permission denied
Dec  3 22:40:57 dell-pr7610-01 systemd: nfs-lock.service: control process exited, code=exited status=1
Dec  3 22:40:57 dell-pr7610-01 systemd: Failed to start NFS file locking service..
Dec  3 22:40:57 dell-pr7610-01 systemd: Unit nfs-lock.service entered failed state.

Expected results:
works fine like test in RHEL6

Additional info:
Comment 3 Steve Dickson 2013-12-11 19:33:27 UTC 
This seems to be a SELinux issue... Doing a setenforce 0 make the problem
go away...
Comment 4 Miroslav Grepl 2014-02-17 16:15:15 UTC 
Any AVC msgs? Does it work with

# restorecon -R -v /var/run/rpc.statd.pid
Comment 5 JianHong Yin 2014-02-18 01:19:28 UTC 
not reproduced in latest snapshot build: RHEL-7.0-20140214.0;
and the orig distro build: RHEL-7.0-20131123.0 has been delete from lab.

so close.
Comment 6 JianHong Yin 2014-02-18 01:20:25 UTC 
latest test log:
  https://beaker.engineering.redhat.com/jobs/594186
  http://beaker-archive.app.eng.bos.redhat.com/beaker-logs/2014/02/5941/594186/1230616/19211140/TESTOUT.log
Note You need to log in before you can comment on or make changes to this bug.