Please show me

ls -laZ /usr/share/foreman/config/hooks/host/managed/after_commit/hook_test.sh

Also paste me the script itself.

Ownership/permissions might be incorrect. Thanks.

Hook contents are in comment #1. It's just dumping stdout to /tmp/host.txt.

It works on my development install, but I also tried on a Foreman 1.10 RC this morning and it doesn't work there either.

Here's ls -alZ:

[root@sat-perf-01 ~]# ls -alZ /usr/share/foreman/config/hooks/host/managed/after_commit/hook_test.sh 
-rwxr-xr-x. root root unconfined_u:object_r:bin_t:s0   /usr/share/foreman/config/hooks/host/managed/after_commit/hook_test.sh


foreman user can run it fine, this succeeds:
  sudo -u foreman /usr/share/foreman/config/hooks/host/managed/after_commit/hook_test.sh


What's weird is foreamn-selinux references a hook context (system_u:object_r:foreman_hook_t,s0) but restorecon doesn't fix it.  But it's broken even in Permissive for me anyway.


If you notice the debug logs when this stuff happens:
2015-11-16 06:21:15 [app] [I] Finished registering 1 hooks for Host::Managed#after_commit
2015-11-16 06:21:41 [app] [D] Observed after_commit hook on katello-centos7-foreman.example.com
2015-11-16 06:21:41 [app] [D] Running 1 hooks for Host::Managed#after_commit


It's never getting past running the hook.  It should log some additional messages:
  https://github.com/theforeman/foreman_hooks/blob/master/lib/foreman_hooks/util.rb#L53

Any ideas?

13:37       stbenjam | oh god
13:37       stbenjam | ├── systemd-private-c4ZQa9
13:37       stbenjam | │   └── tmp
13:37       stbenjam | │       └── host.txt

Feature of RHEL7 called "private tmp dirs".

Thanks Lukáš!!

So I'm not quite understanding here -- if this is not a bug, how is this addressed in the foreman components?

Karl

I'm not sure I understand the question?

Read comment #4, this was never a bug to begin with.

QE and I were testing a hook that wrote to /tmp, and on rhel 7 it gets written to private tmp for foreman-proxy (/tmp/systemd-private-XXXXXXX/tmp).