Cause: rubygem ffi 1.9.25 reverted a patch which allowed it to work on systems with SELinux deny_execmem=1.
Consequence: Fluentd crashes.
Fix: The fix is to revert the patch reversion.
Result: Fluentd does not crash when using SELinux deny_execmem=1.
Description of problem:
Fluentd pods failed to start after an update to 3.9.41
It was working fine before that (OCP upgrade from 3.9.33 to 3.9.41)
Version-Release number of selected component (if applicable):
Upgarde fluentd from 3.9.33 to 3.9.41
All fluentd pods crash
All fluentd pods should start
Pods failed to start when setsebool -P deny_execmem 1 on nodes
looks like a regression since https://bugzilla.redhat.com/show_bug.cgi?id=1465039
Verified and pass with logging-fluentd/images/v3.9.45-1
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.