Bug 1123279
| Summary: | foreman-selinux fails to uninstall and reinstall cleanly | |||
|---|---|---|---|---|
| Product: | Red Hat OpenStack | Reporter: | Mike Burns <mburns> | |
| Component: | foreman-selinux | Assignee: | Lukas Zapletal <lzap> | |
| Status: | CLOSED ERRATA | QA Contact: | Ami Jeain <ajeain> | |
| Severity: | urgent | Docs Contact: | ||
| Priority: | urgent | |||
| Version: | 5.0 (RHEL 7) | CC: | lhh, lzap, mburns, yeylon | |
| Target Milestone: | ga | |||
| Target Release: | 5.0 (RHEL 6) | |||
| Hardware: | Unspecified | |||
| OS: | Unspecified | |||
| Whiteboard: | ||||
| Fixed In Version: | foreman-selinux-1.6.0.3-2.el6sat | Doc Type: | Bug Fix | |
| Doc Text: |
A post-install scriplet in the foreman-selinux package was issuing errors during uninstall. This was caused by the Elasticsearch port (9200-9300) not being removed properly before unloading the SELinux policy.
This resulted in the "yum uninstall" transaction being canceled, leaving Foreman in an uninstallable state.
Now, the scriplet has been fixed to remove ports prior to unloading the policy. As a result Foreman now uninstalls cleanly.
|
Story Points: | --- | |
| Clone Of: | ||||
| : | 1123381 (view as bug list) | Environment: | ||
| Last Closed: | 2014-08-04 18:36:10 UTC | Type: | Bug | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | 1123381 | |||
| Bug Blocks: | ||||
Fix for Satellite 6 provided, waiting for review and then the next compose. So can I flip the bug to POST once this is in our composes? Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHEA-2014-1003.html |
Description of problem: There's a problem with foreman-selinux. It won't uninstall cleanly: libsepol.context_from_record: type elasticsearch_port_t is not defined libsepol.context_from_record: could not create context structure (Invalid argument). libsepol.port_from_record: could not create port structure for range 9200:9300 (tcp) (Invalid argument). libsepol.sepol_port_modify: could not load port range 9200 - 9300 (tcp) (Invalid argument). libsemanage.dbase_policydb_modify: could not modify record value (Invalid argument). libsemanage.semanage_base_merge_components: could not merge local modifications into policy (Invalid argument). /usr/sbin/semodule: Failed! And it also leaves its SELinux modifications in the system; at least, that is: # semanage port -l | grep 9200 elasticsearch_port_t tcp 9200-9300 (When it's being installed, it does /usr/sbin/semanage -S $selinuxvariant -i - << _EOT2 port -a -t elasticsearch_port_t -p tcp 9200-9300 _EOT2). As a result, it cannot be installed again cleanly anymore: /usr/sbin/semanage: Port tcp/9200-9300 already defined warning: %post(foreman-selinux-1.6.0.3-1.el6sat.noarch) scriptlet failed, exit status 1