Bug 487235 - selinux, restarting satellite via webui fails
Summary: selinux, restarting satellite via webui fails
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat Satellite 5
Classification: Red Hat
Component: Other
Version: 530
Hardware: All
OS: Linux
low
medium
Target Milestone: ---
Assignee: Jan Pazdziora
QA Contact: wes hayutin
URL: https://gibson.usersys.redhat.com/rhn...
Whiteboard:
Depends On:
Blocks: 457079
TreeView+ depends on / blocked
 
Reported: 2009-02-24 22:04 UTC by wes hayutin
Modified: 2009-02-26 15:31 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2009-02-25 13:04:48 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)

Description wes hayutin 2009-02-24 22:04:38 UTC
Description of problem:

1. install latest build
Satellite-5.3.0-RHEL5-re20090220.1-i386-embedded-oracle.iso

2. (my own satellite, actually two of them I had just enabled monitoring)

3. navigate to the webui, admin, sat config -> restart satellite

4. satellite never comes back up...


2009-02-24 15:49:18,606 [RHN Message Dispatcher] WARN  com.redhat.rhn.frontend.events.RestartSatelliteAction - Restarting satellite.
Feb 24, 2009 3:49:59 PM org.apache.coyote.http11.Http11BaseProtocol pause
INFO: Pausing Coyote HTTP/1.1 on http-8080
Feb 24, 2009 3:50:00 PM org.apache.catalina.core.StandardService stop
INFO: Stopping service Catalina
Feb 24, 2009 3:50:01 PM org.apache.coyote.http11.Http11BaseProtocol destroy
INFO: Stopping Coyote HTTP/1.1 on http-8080
Feb 24, 2009 3:50:01 PM org.apache.catalina.core.AprLifecycleListener lifecycleEvent
INFO: Failed shutdown of Apache Portable Runtime
Feb 24, 2009 3:50:55 PM org.apache.catalina.core.AprLifecycleListener lifecycleEvent
INFO: The Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: /usr/lib/jvm/java-1.6.0-ibm-1.6.0.1/jre/lib/i386:/opt/oracle/lib:/usr/lib:/usr/lib
Feb 24, 2009 3:50:57 PM org.apache.coyote.http11.Http11BaseProtocol init
INFO: Initializing Coyote HTTP/1.1 on http-8080
Feb 24, 2009 3:50:57 PM org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 11758 ms
Feb 24, 2009 3:50:58 PM org.apache.catalina.users.MemoryUserDatabase save
WARNING: User database is not persistable - no write permissions on directory
Feb 24, 2009 3:50:58 PM org.apache.catalina.core.StandardService start
INFO: Starting service Catalina
Feb 24, 2009 3:50:58 PM org.apache.catalina.core.StandardEngine start
INFO: Starting Servlet Engine: Apache Tomcat/5.5.23
Feb 24, 2009 3:50:58 PM org.apache.catalina.core.StandardHost start
INFO: XML validation disabled
Feb 24, 2009 3:50:58 PM org.apache.catalina.startup.HostConfig deployDescriptor
WARNING: A docBase /var/lib/tomcat5/webapps/rhn inside the host appBase has been specified, and will be ignored
Feb 24, 2009 3:51:00 PM org.apache.catalina.loader.WebappClassLoader validateJarFile
INFO: validateJarFile(/usr/share/tomcat5/webapps/rhn/WEB-INF/lib/jspapi.jar) - jar not loaded. See Servlet Spec 2.3, section 9.7.2. Offending class: javax/servlet/jsp/JspPage.class
Feb 24, 2009 3:51:28 PM com.mchange.v2.log.MLog <clinit>
INFO: MLog clients using java 1.4+ standard logging.
Feb 24, 2009 3:51:30 PM com.mchange.v2.c3p0.C3P0Registry banner
INFO: Initializing c3p0-0.9.0 [built 13-July-2007 10:11:26 -0400; debug? false; trace: 5]
Feb 24, 2009 3:51:33 PM com.mchange.v2.c3p0.PoolBackedDataSource getPoolManager
INFO: Initializing c3p0 pool... com.mchange.v2.c3p0.PoolBackedDataSource@5c715c71 [ connectionPoolDataSource -> com.mchange.v2.c3p0.WrapperConnectionPoolDataSource@2dce2dce [ acquireIncrement -> 3, acquireRetryAttempts -> 30, acquireRetryDelay -> 1000, autoCommitOnClose -> false, automaticTestTable -> null, breakAfterAcquireFailure -> false, checkoutTimeout -> 0, connectionTesterClassName -> com.mchange.v2.c3p0.impl.DefaultConnectionTester, factoryClassLocation -> null, forceIgnoreUnresolvedTransactions -> false, identityToken -> 2dce2dce, idleConnectionTestPeriod -> 300, initialPoolSize -> 5, maxIdleTime -> 300, maxPoolSize -> 20, maxStatements -> 0, maxStatementsPerConnection -> 0, minPoolSize -> 5, nestedDataSource -> com.mchange.v2.c3p0.DriverManagerDataSource@42094209 [ description -> null, driverClass -> null, factoryClassLocation -> null, identityToken -> 42094209, jdbcUrl -> jdbc:oracle:thin:@localhost:1521:rhnsat, properties -> {user=******, password=******} ], preferredTestQuery -> null, propertyCycle -> 300, testConnectionOnCheckin -> false, testConnectionOnCheckout -> false, usesTraditionalReflectiveProxies -> false ], factoryClassLocation -> null, identityToken -> 5c715c71, numHelperThreads -> 3 ]
Feb 24, 2009 3:53:10 PM org.apache.coyote.http11.Http11BaseProtocol start
INFO: Starting Coyote HTTP/1.1 on http-8080
Feb 24, 2009 3:53:11 PM org.apache.jk.common.ChannelSocket init
INFO: JK: ajp13 listening on /0.0.0.0:8009
Feb 24, 2009 3:53:11 PM org.apache.jk.server.JkMain start
INFO: Jk running ID=0 time=0/740  config=null
Feb 24, 2009 3:53:12 PM org.apache.catalina.storeconfig.StoreLoader load
INFO: Find registry server-registry.xml at classpath resource
Feb 24, 2009 3:53:13 PM org.apache.catalina.startup.Catalina start
INFO: Server startup in 136119 ms


SELinux errors are the same errors reported in 
https://bugzilla.redhat.com/show_bug.cgi?id=487221

This does put Satellite in an unusable condition.

Comment 1 Jan Pazdziora 2009-02-25 08:45:53 UTC
Can you confirm that if you do not enable monitoring, the restart from WebUI works without problems?

Also, since you say in bug 487221 that the restart went OK and it did not go OK here, could you tell me what exactly is the difference between what you did in bug 487221 and how you run the restart here?

Comment 2 wes hayutin 2009-02-25 13:04:48 UTC
so I tested this last night... 
on a fresh install of the latest iso w/ selinux enforcing..

restarting satellite via the webui works just fine.


I'm going to pursue bug 487221, and then retest this scenario when 487221 is fixed. Closing this bug for now..


Note You need to log in before you can comment on or make changes to this bug.