Red Hat Bugzilla – Bug 1271551
DBus is not running in separate instance in chroot
Last modified: 2015-11-11 02:54:31 EST
Description of problem:
DBus daemon is by default listening on unix socket placed in /run/dbus/system_bus_socket. Since /run is mount.bind into chroot environment, it is possible to connect to DBus, but this connection is handled by DBus daemon running outside chroot environment.
The outside running DBus daemon is not aware of configuration in chroot environment and therefore does not permit actions that should be allowed according to configuration in chroot environment.
The preferred solution would be to start separate instance of DBus daemon inside chroot environment.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Install RHEL 7.2 with attached kickstart file
Actual results:
Certmonger fails to connect to D-Bus and is therefore unreachable.
Expected results:
Certmonger connects to D-Bus and can be reached over D-Bus by (not only) getcert utility.
This is general Anaconda issue (not RHEL 7.2 specific). I hit it on Fedora 22 too and believe it's present on other versions as well.
Created attachment 1082761
Reproducing kickstart file.
You cannot run things that expect to talk to DBus from %post. The chroot is not a running system until it has been rebooted, and trying to treat it as such is going to end up causing no end of problems.
Development Management has reviewed and declined this request.
You may appeal this decision by reopening this request.
Ok. Then why is DBus available in chroot? Is there a chance /run will not be mount.bind? The problem is DBus is available but behaves other than expected.
That's just a side-effect of how the chroot needs to be set up for other things.
Bind-mounting /run (together with /sys) to /mnt/sysimage (the installed system) was added because of dracut and creation of hostonly initrd.img as documented in the bug #922988. I'm not sure what we could do here. We could probably bind-mount only some things from /run to /mnt/sysimage/run, but it'd be quite hard to identify which ones are needed/useful.
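
The condition discussed in this report can be checked from the installer environment (for instance from a `%post --nochroot` script, which is an assumption about where it runs). The following is an added example, not code from this bug report or from Anaconda: it reads mountinfo and reports whether the chroot's /run is the host's /run, in which case /run/dbus/system_bus_socket inside the chroot is the socket of the daemon outside it. The function names, the sample mountinfo lines and /mnt/other are constructed for illustration.

```shell
#!/bin/sh
# Added example, not Anaconda code. Function names and sample data are constructed.

# shared_run MOUNTINFO SYSROOT
# Succeeds when SYSROOT/run is the same filesystem subtree as /run
# (same major:minor device and same root inside that filesystem).
shared_run() {
    awk -v host="/run" -v target="${2%/}/run" '
        # mountinfo fields: $3 = major:minor, $4 = root in fs, $5 = mount point.
        # A later entry for the same mount point shadows an earlier one.
        $5 == host   { h = $3 " " $4 }
        $5 == target { t = $3 " " $4 }
        END { exit !(h != "" && h == t) }
    ' "$1"
}

# Prints "host" when SYSROOT/run/dbus/system_bus_socket is the host daemon's
# socket, "private" when SYSROOT/run is not shared with the host.
dbus_socket_origin() {
    if shared_run "$1" "$2"; then echo host; else echo private; fi
}

# Constructed mountinfo: /mnt/sysimage/run is a bind mount of /run,
# /mnt/other/run is a separate tmpfs.
sample_mountinfo() {
    cat <<'EOF'
22 1 0:20 / /run rw,nosuid,nodev shared:5 - tmpfs tmpfs rw,mode=755
60 1 253:0 / /mnt/sysimage rw,relatime shared:30 - xfs /dev/mapper/rhel-root rw
61 60 0:20 / /mnt/sysimage/run rw,nosuid,nodev shared:5 - tmpfs tmpfs rw,mode=755
62 1 0:45 / /mnt/other/run rw,nosuid shared:40 - tmpfs tmpfs rw
EOF
}

# Demo on the sample; on a live installer pass /proc/self/mountinfo instead.
demo=$(mktemp)
sample_mountinfo > "$demo"
for root in /mnt/sysimage /mnt/other; do
    echo "$root/run: $(dbus_socket_origin "$demo" "$root")"
done
rm -f "$demo"
```

A result of `host` means any D-Bus call made from the chroot is authorized against the policy files of the installer environment, not those installed under the chroot.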