Description of problem: ======================= With selinux enabled and set to enforcing mode, gluster peer probe throws out error message. Now that testing to be done with selinux enabled, this should work. [root@transformers ~]# gluster peer probe ninja peer probe: failed: Probe returned with unknown errno 107 Version-Release number of selected component (if applicable): ============================================================= [root@transformers ~]# gluster --version glusterfs 3.7dev built on Apr 9 2015 01:10:22 Repository revision: git://git.gluster.com/glusterfs.git Copyright (c) 2006-2011 Gluster Inc. <http://www.gluster.com> GlusterFS comes with ABSOLUTELY NO WARRANTY. You may redistribute copies of GlusterFS under the terms of the GNU General Public License. How reproducible: ================= 100% Actual results: Expected results: Additional info: =============== cli log snippet : [2014-10-13 18:04:51.925839] I [cli.c:710:main] 0-cli: Started running gluster with version 3.7dev [2014-10-13 18:04:52.072269] I [event-epoll.c:629:event_dispatch_epoll_worker] 0-epoll: Started thread with index 1 [2014-10-13 18:04:52.072453] I [socket.c:2409:socket_event_handler] 0-transport: disconnecting now [2014-10-13 18:04:52.110605] I [cli-rpc-ops.c:133:gf_cli_probe_cbk] 0-cli: Received resp to probe [2014-10-13 18:04:52.110665] E [cli-rpc-ops.c:138:gf_cli_probe_cbk] 0-cli: Probe returned with unknown errno 107 [2014-10-13 18:04:52.110759] I [input.c:36:cli_batch] 0-: Exiting with: -1
Have you ensured that no additional firewall settings are there. Is ping to the new server responding ?
I have flushed the iptables and ping is working.. [root@transformers glusterfs]# ping ninja PING ninja.lab.eng.blr.redhat.com (10.70.34.68) 56(84) bytes of data. 64 bytes from ninja.lab.eng.blr.redhat.com (10.70.34.68): icmp_seq=1 ttl=64 time=0.435 ms 64 bytes from ninja.lab.eng.blr.redhat.com (10.70.34.68): icmp_seq=2 ttl=64 time=0.206 ms ^C --- ninja.lab.eng.blr.redhat.com ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1558ms rtt min/avg/max/mdev = 0.206/0.320/0.435/0.115 ms [root@transformers glusterfs]# iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination [root@transformers glusterfs]# [root@ninja ~]# iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination [root@ninja ~]# ping transformers PING transformers.lab.eng.blr.redhat.com (10.70.34.44) 56(84) bytes of data. 64 bytes from transformers.lab.eng.blr.redhat.com (10.70.34.44): icmp_seq=1 ttl=64 time=0.230 ms 64 bytes from transformers.lab.eng.blr.redhat.com (10.70.34.44): icmp_seq=2 ttl=64 time=0.174 ms ^C --- transformers.lab.eng.blr.redhat.com ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1726ms rtt min/avg/max/mdev = 0.174/0.202/0.230/0.028 ms [root@ninja ~]#
Solving problems arising due to SELinux almost always mean writing a correct SELinux policy. As far as I understand, writing SELinux policies for a package is done by the distribution shipping the package. Fedora, CentOS (atleast CentOS7) and RHEL 7 ship a GlusterD policy (/etc/selinux/targeted/modules/active/modules/glusterd.pp) in their selinux-policy-targetted package. I also checked with RHEL-6.6, which also contains apparently has the policy file, but is not owned by any package (we need to find how it got there, but that is another problem in itself). Which distribution and GlusterFS package are you using? As I understand, QE testing for RHS-3.1 is being done on RHEL-6.6 and RHEL-7.1. Can you check if you have the above mentioned policy file on your systems? If you do have it, can you attempt do a SELinux relabeling and check if that solves your issue. In any case this is not an issue with GlusterFS itself. I recommend closing this bug. I'll wait for the answers to my questions above before closing.
Distribution : RHEl 6.6 Gluster version : glusterfs 3.7dev built on Apr 9 2015 01:10:22 The file do exist and i tried relabelling with fixfiles but doesn't solve the problem.
Bhaskarakiran, I am using RHEL 6.6 with glusterfs-3.7 nightly builds and I am not seeing any such problems. Could you explain further on how did you eneded up with this problem as selinux issue ? And provide some info on the setup related information - Is it the RHEL 6.6 you installed from ISO ?
Missed to set need_info as a part of comment5
Installed RHEL6.6 through pxe. Did a rebelling with fixfiles and rebooted the machine. I am able to probe on server but now on the other it gives a different error : [root@vertigo modules]# gluster peer probe transformers peer probe: failed: Error through RPC layer, retry again later [root@vertigo modules]# gluster peer probe transformers peer probe: failed: Error through RPC layer, retry again later [root@vertigo modules]#
With my last chat with Bhaskarakiran, he says everything worked well after restarting glusterd on that node. I suppose this is not a problem with selinux in any means, as I am using the setup of RHEL 6.6 machines + glusterfs-3.7 nightly builds, with selinux enabled and I don't see this problem
This is not a bug really caused by selinux and closing the bug