1563774 – Creating a whole disk secure hardened image for use with overcloud deployment failed. subprocess.CalledProcessError: Command 'sudo umount /tmp/dib_build.a0Ce67N4/mnt/tmp' returned non-zero exit status 32

Bug 1563774 - Creating a whole disk secure hardened image for use with overcloud deployment failed. subprocess.CalledProcessError: Command 'sudo umount /tmp/dib_build.a0Ce67N4/mnt/tmp' returned non-zero exit status 32

Summary: Creating a whole disk secure hardened image for use with overcloud deployment...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat OpenStack
Classification:	Red Hat
Component:	openstack-tripleo-image-elements
Sub Component:
Version:	13.0 (Queens)
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	high
Target Milestone:	beta
Target Release:	13.0 (Queens)
Assignee:	Alex Schultz
QA Contact:	Shai Revivo
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	1477921
TreeView+	depends on / blocked

Reported:	2018-04-04 16:35 UTC by mlammon
Modified:	2018-06-27 13:50 UTC (History)
CC List:	4 users (show)
Fixed In Version:	openstack-tripleo-image-elements-8.0.0-3.el7ost
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2018-06-27 13:50:03 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
OpenStack gerrit	559057	0	'None'	'MERGED'	'Add a dependency on block-device-mbr element'	2019-11-20 11:59:07 UTC
Red Hat Product Errata	RHEA-2018:2086	0	None	None	None	2018-06-27 13:50:53 UTC

Description mlammon 2018-04-04 16:35:44 UTC

Description of problem:
Creating a whole disk secure hardened image for use with overcloud deployment failed.
"subprocess.CalledProcessError: Command 'sudo umount /tmp/dib_build.a0Ce67N4/mnt/tmp' returned non-zero exit status 32"

environment:
diskimage-builder-2.12.2-0.20180326010239.ffc0687.el7ost.noarch
dib-utils-0.0.11-1.el7ost.noarch
dibbler-client-1.0.1-0.RC1.3.el7ost.x86_64
rhosp-director-images-13.0-20180328.1.el7ost.noarch
python-tripleoclient-9.2.0-2.el7ost.noarch
 
Steps to Reproduce:
1. Deploy openstack undercloud
2. Install director to /home/stack/images directory
3. Download rhel 7.5 qcow image (rhel-guest-image-7.5-146.x86_64.qcow2)
3. Prepare whole disk secure hardened image

The following were the commands used to create the disk image.
export DIB_LOCAL_IMAGE=/home/stack/rhel-guest-image-7.5-146.x86_64.qcow2
export DIB_YUM_REPO_CONF="/etc/yum.repos.d/rhos-release-13.repo /etc/yum.repos.d/rhos-release-rhel-7.5.repo"
openstack overcloud image build --image-name overcloud-hardened-full --config-file /usr/share/openstack-tripleo-common/image-yaml/overcloud-hardened-images.yaml --config-file /usr/share/openstack-tripleo-common/image-yaml/overcloud-hardened-images-rhel7.yaml --verbose


2018-04-04 14:54:03.065 | INFO diskimage_builder.block_device.utils [-] Calling [sudo fstrim --verbose /tmp/dib_build.a0Ce67N4/mnt/var/log/audit]
2018-04-04 14:54:03.078 | INFO diskimage_builder.block_device.utils [-] Calling [sudo umount /tmp/dib_build.a0Ce67N4/mnt/var/log/audit]
2018-04-04 14:54:03.095 | INFO diskimage_builder.block_device.level3.mount [-] Called for [mount_fs_log]
2018-04-04 14:54:03.095 | INFO diskimage_builder.block_device.utils [-] Calling [sudo sync]
2018-04-04 14:54:03.108 | INFO diskimage_builder.block_device.utils [-] Calling [sudo fstrim --verbose /tmp/dib_build.a0Ce67N4/mnt/var/log]
2018-04-04 14:54:03.120 | INFO diskimage_builder.block_device.utils [-] Calling [sudo umount /tmp/dib_build.a0Ce67N4/mnt/var/log]
2018-04-04 14:54:03.137 | INFO diskimage_builder.block_device.level3.mount [-] Called for [mount_fs_var]
2018-04-04 14:54:03.137 | INFO diskimage_builder.block_device.utils [-] Calling [sudo sync]
2018-04-04 14:54:03.150 | INFO diskimage_builder.block_device.utils [-] Calling [sudo fstrim --verbose /tmp/dib_build.a0Ce67N4/mnt/var]
2018-04-04 14:54:03.162 | INFO diskimage_builder.block_device.utils [-] Calling [sudo umount /tmp/dib_build.a0Ce67N4/mnt/var]
2018-04-04 14:54:03.217 | INFO diskimage_builder.block_device.level3.mount [-] Called for [mount_fs_tmp]
2018-04-04 14:54:03.218 | INFO diskimage_builder.block_device.utils [-] Calling [sudo sync]
2018-04-04 14:54:03.231 | INFO diskimage_builder.block_device.utils [-] Calling [sudo fstrim --verbose /tmp/dib_build.a0Ce67N4/mnt/tmp]
2018-04-04 14:54:03.243 | INFO diskimage_builder.block_device.utils [-] Calling [sudo umount /tmp/dib_build.a0Ce67N4/mnt/tmp]
2018-04-04 14:54:03.255 | Traceback (most recent call last):
2018-04-04 14:54:03.255 |   File "/usr/bin/dib-block-device", line 10, in <module>
2018-04-04 14:54:03.255 |     sys.exit(main())
2018-04-04 14:54:03.255 |   File "/usr/lib/python2.7/site-packages/diskimage_builder/block_device/cmd.py", line 120, in main
2018-04-04 14:54:03.256 |     return bdc.main()
2018-04-04 14:54:03.256 |   File "/usr/lib/python2.7/site-packages/diskimage_builder/block_device/cmd.py", line 115, in main
2018-04-04 14:54:03.256 |     self.args.func()
2018-04-04 14:54:03.256 |   File "/usr/lib/python2.7/site-packages/diskimage_builder/block_device/cmd.py", line 39, in cmd_umount
2018-04-04 14:54:03.256 |     self.bd.cmd_umount()
2018-04-04 14:54:03.256 |   File "/usr/lib/python2.7/site-packages/diskimage_builder/block_device/blockdevice.py", line 441, in cmd_umount
2018-04-04 14:54:03.256 |     node.umount()
2018-04-04 14:54:03.256 |   File "/usr/lib/python2.7/site-packages/diskimage_builder/block_device/level3/mount.py", line 112, in umount
2018-04-04 14:54:03.256 |     exec_sudo(["umount", self.state['mount'][self.mount_point]['path']])
2018-04-04 14:54:03.256 |   File "/usr/lib/python2.7/site-packages/diskimage_builder/block_device/utils.py", line 125, in exec_sudo
2018-04-04 14:54:03.256 |     ' '.join(sudo_cmd))
2018-04-04 14:54:03.256 | subprocess.CalledProcessError: Command 'sudo umount /tmp/dib_build.a0Ce67N4/mnt/tmp' returned non-zero exit status 32

Comment 9 mlammon 2018-04-17 20:24:49 UTC

This bug has been verified today.   It build image successfully.

Env:
rhosp-director-images-ipa-13.0-20180412.1.el7ost.noarch
python-tripleoclient-9.2.0-3.el7ost.noarch
dib-utils-0.0.11-1.el7ost.noarch
rhosp-director-images-13.0-20180412.1.el7ost.noarch
diskimage-builder-2.12.2-0.20180408230325.f3d58d9.el7ost.noarch

(undercloud) [stack@undercloud-0 ~]$ tail -10 overcloud-hardened-full.log
2018-04-17 16:06:01.169 | INFO diskimage_builder.block_device.utils [-] Calling [sudo lvchange -an /dev/vg/lv_log]
2018-04-17 16:06:01.207 | INFO diskimage_builder.block_device.utils [-] Calling [sudo lvchange -an /dev/vg/lv_audit]
2018-04-17 16:06:01.247 | INFO diskimage_builder.block_device.utils [-] Calling [sudo lvchange -an /dev/vg/lv_home]
2018-04-17 16:06:01.283 | INFO diskimage_builder.block_device.utils [-] Calling [sudo vgchange -an vg]
2018-04-17 16:06:01.306 | INFO diskimage_builder.block_device.utils [-] Calling [sudo udevadm settle]
2018-04-17 16:06:01.324 | INFO diskimage_builder.block_device.utils [-] Calling [sudo kpartx -d /dev/loop0]
2018-04-17 16:06:01.351 | INFO diskimage_builder.block_device.utils [-] Calling [sudo pvscan --cache]
2018-04-17 16:06:01.374 | INFO diskimage_builder.block_device.blockdevice [-] Removing temporary state dir [/tmp/dib_build.UzIDdt3r/states/block-device]
2018-04-17 16:06:01.505 | Converting image using qemu-img convert
2018-04-17 16:08:14.524 | Image file ./overcloud-hardened-full.qcow2 created...

Here we see now "block-device-deps"

[root@undercloud-0 ~]# cat /usr/share/tripleo-image-elements/overcloud-secure/element-deps
block-device-mbr
package-installs

Comment 11 errata-xmlrpc 2018-06-27 13:50:03 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2018:2086

Note You need to log in before you can comment on or make changes to this bug.