Red Hat Bugzilla – Bug 1224639
'glusterd.socket' file created by rpm scriptlet is not cleaned-up properly post installation
Last modified: 2016-01-03 23:50:04 EST
Description of problem: 'glusterd.socket' file created by rpm scriptlet is not cleaned-up properly post installation Version-Release number of selected component (if applicable): glusterfs-fuse-3.7.0-2.el6rhs.x86_64 glusterfs-libs-3.7.0-2.el6rhs.x86_64 glusterfs-client-xlators-3.7.0-2.el6rhs.x86_64 glusterfs-api-3.7.0-2.el6rhs.x86_64 glusterfs-3.7.0-2.el6rhs.x86_64 glusterfs-cli-3.7.0-2.el6rhs.x86_64 glusterfs-server-3.7.0-2.el6rhs.x86_64 How reproducible: Always Steps to Reproduce: 1. Install the RHGS 3.1 build 2 # yum install glusterfs-server Actual results: AFAIK, the 'glusterd.socket' file is first created by rpm scriptlet as part of a start and stop operation done in the post upgrade script to re-generate the configuration files. During the process it gets a wrong label of "var_run_t" as we don't have filename transition rules in RHEL-6. However, as this file is not cleaned after the installation, the write access and unlink access required on the sock_file '/var/run/glusterd.socket' while manually starting 'glusterd' for the first time is prevented by SELinux. This is identified as the reason for the 2 SELinux bugs [1] and [2]. [1] https://bugzilla.redhat.com/show_bug.cgi?id=1214253 [2] https://bugzilla.redhat.com/show_bug.cgi?id=1214258 So doing a proper clean as part of post upgrade section of rpm installation is required to avoid issues like this. Expected results: Any temporary files created as part of the rpm installation should be removed post installation. As part of that, 'glusterd.socket; should also get removed. Additional info: ##### [root@dhcp42-246 run]# /etc/init.d/glusterd status glusterd is stopped [root@dhcp42-246 run]# ls -lZ glusterd.socket srwxr-xr-x. root root unconfined_u:object_r:var_run_t:s0 glusterd.socket [root@dhcp42-246 run]# /etc/init.d/glusterd start Starting glusterd: [ OK ] [root@dhcp42-246 run]# ls -lZ glusterd.socket srwxr-xr-x. root root unconfined_u:object_r:glusterd_var_run_t:s0 glusterd.socket [root@dhcp42-246 run]# /etc/init.d/glusterd status glusterd (pid 5278) is running... #####
Verified as fixed in glusterfs-3.7.1-4.el6rhs.x86_64 ##### [root@dhcp43-61 run]# /etc/init.d/glusterd status glusterd is stopped [root@dhcp43-61 run]# pwd /var/run [root@dhcp43-61 run]# ls -lZ glusterd.socket ls: cannot access glusterd.socket: No such file or directory [root@dhcp43-61 run]# /etc/init.d/glusterd start Starting glusterd: [ OK ] [root@dhcp43-61 run]# ls -lZ glusterd.socket srwxr-xr-x. root root unconfined_u:object_r:glusterd_var_run_t:s0 glusterd.socket [root@dhcp43-61 run]# /etc/init.d/glusterd status glusterd (pid 2284) is running... #####
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHSA-2015-1495.html