1393265 – [TestOnly] Cockpit UI integrated setroubleshoot which package is not included in RHVH 4.0

Bug 1393265 - [TestOnly] Cockpit UI integrated setroubleshoot which package is not included in RHVH 4.0

Summary: [TestOnly] Cockpit UI integrated setroubleshoot which package is not included...

Keywords:
Status:	CLOSED DUPLICATE of bug 1450269
Alias:	None
Product:	ovirt-node
Classification:	oVirt
Component:	UI
Sub Component:
Version:	4.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	medium vote
Target Milestone:	ovirt-4.2.0
Target Release:	---
Assignee:	Yuval Turgeman
QA Contact:	cshao
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2016-11-09 08:39 UTC by Wei Wang
Modified:	2017-07-02 14:57 UTC (History)
CC List:	9 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2017-07-02 14:57:19 UTC
oVirt Team:	Node
Dependent Products:
Flags:	rule-engine: ovirt-4.2? rule-engine: blocker? fdeutsch: planning_ack? fdeutsch: devel_ack+ ycui: testing_ack+

Attachments	(Terms of Use)
picture (127.01 KB, image/png) 2016-11-09 08:39 UTC, Wei Wang	no flags	Details
log files (306.15 KB, application/x-gzip) 2016-11-09 08:48 UTC, Wei Wang	no flags	Details
ks file (1012 bytes, text/plain) 2016-11-09 08:49 UTC, Wei Wang	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Description Wei Wang 2016-11-09 08:39:12 UTC

Created attachment 1218847 [details]
picture

Description of problem:
Cockpit UI integrated setroubleshoot which package is not included in RHVH 4.0

Version-Release number of selected component (if applicable):
redhat-virtualization-host-4.0-0.20161107.0
imgbased-0.8.7-0.1.el7ev.noarch
cockpit-ws-118-2.el7.x86_64
cockpit-ovirt-dashboard-0.10.6-1.4.2.el7ev.noarch


How reproducible:
100%

Steps to Reproduce:
1. Install RHVH with redhat-virtualization-host-4.0-0.20161107.0 with kickstart script (Attached)
2. Login cockpit website hostIP:9090 with root account
3. Click "Tools" list
4. Check the "SELinux Troubleshoot" item
5. On node, check the setroubleshoot package is existed or not


Actual results:
After step 4, the "SELinux Troubleshoot" item is displayed
After step 5, setroubleshoot package is not integrated.

Expected results:
Integrate the setroubleshoot package when "SELinux Troubleshoot" item is displayed in cockpit UI
or
Remove the SELinux Troubleshoot" item in cockpit UI since no setroubleshoot package is integrated with RHVH 4.0


Additional info:

Comment 1 Wei Wang 2016-11-09 08:48:22 UTC

Created attachment 1218848 [details]
log files

Comment 2 Wei Wang 2016-11-09 08:49:04 UTC

Created attachment 1218849 [details]
ks file

Comment 3 Fabian Deutsch 2016-11-09 16:07:12 UTC

Dominik, do you think that cockpit should require the relevant package?

Comment 4 Dominik Perpeet 2016-11-10 14:52:19 UTC

For now there isn't much we can do. Choices for the future:
- Extend the setroubleshooting section of Cockpit in a way that provides value to users even if setroubleshoot-server isn't installed
- Allow installation of extra packages from within Cockpit

We can't use weak dependencies on RHEL right now, and we can't let Cockpit depend on setroubleshoot-server, since that isn't included on Atomic Host.

Comment 5 Fabian Deutsch 2016-11-10 21:58:43 UTC

I am also not sure if we want that on RHVH/Node right now.

I'd then suggest that we create a subpackage - or hide it conditionally. Second option sounds safer to me.

Comment 6 Yuval Turgeman 2016-11-14 18:37:11 UTC

A simple workaround would be to remove the /usr/share/cockpit/selinux, similar to the way it's done in the cockpit spec for centos, but wouldn't a cleaner solution would be to create a cockpit-selinux-plugin that requires setroubleshoot and cockpit ?

Comment 7 Yuval Turgeman 2016-11-16 10:52:08 UTC

There is already a definition for the selinux subpkg in the cockpit spec, but it's disabled for centos and rhel - any ideas why ?

Comment 8 Dominik Perpeet 2016-11-16 13:21:42 UTC

Right now selinux troubleshooting is folded into the cockpit-shell subpackage to avoid having too many packages.
Adding a hard dependency on setroubleshoot-server in cockpit-shell doesn't seem like a good solution either, because this can lead to trouble on systems like Atomic that don't have setroubleshoot-server.

I'll look into patching the current Cockpit code so that the selinux page works well without setroubleshoot-server installed.

Comment 9 Red Hat Bugzilla Rules Engine 2016-12-27 16:39:44 UTC

This bug report has Keywords: Regression or TestBlocker.
Since no regressions or test blockers are allowed between releases, it is also being identified as a blocker for this release. Please resolve ASAP.

Comment 10 Dominik Perpeet 2017-02-13 17:19:59 UTC

Upstream pull request is opened to clarify that the selinux package doesn't just involve troubleshooting. Instead of an error page, users can then still toggle between setenforce 1 and 0.
What remains is a hint that in order to troubleshoot actual events, setroubleshoot-server needs to be installed.

https://github.com/cockpit-project/cockpit/pull/5868

Comment 11 Yuval Turgeman 2017-07-02 14:57:19 UTC

setroubleshoot was added to the optional packages channel.

*** This bug has been marked as a duplicate of bug 1450269 ***

Note You need to log in before you can comment on or make changes to this bug.