Bug 836980 - stap-server fails to install
stap-server fails to install
Status: CLOSED DUPLICATE of bug 828606
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: selinux-policy (Show other bugs)
7.0
All Linux
high Severity high
: beta
: ---
Assigned To: Miroslav Grepl
Milos Malik
:
Depends On: 828606
Blocks:
  Show dependency treegraph
 
Reported: 2012-07-02 07:48 EDT by Martin Cermak
Modified: 2013-01-29 04:49 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2012-07-17 04:02:12 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Martin Cermak 2012-07-02 07:48:33 EDT
Description of problem:

# yum install systemtap-server
Loaded plugins: langpacks, product-id, security, subscription-manager
Updating certificate-based repositories.
Unable to read consumer identity
Resolving Dependencies
--> Running transaction check
---> Package systemtap-server.s390x 0:1.8-1.el7 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

==================================================================================================================================
 Package                               Arch                       Version                        Repository                  Size
==================================================================================================================================
Installing:
 systemtap-server                      s390x                      1.8-1.el7                      rhel7                      165 k

Transaction Summary
==================================================================================================================================
Install  1 Package

Total download size: 165 k
Installed size: 656 k
Is this ok [y/N]: y
Downloading Packages:
systemtap-server-1.8-1.el7.s390x.rpm                                                                       | 165 kB     00:00     
Running Transaction Check
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Warning: RPMDB altered outside of yum.
  Installing : systemtap-server-1.8-1.el7.s390x                                                                               1/1 
warning: user stap-server does not exist - using root
runuser: user stap-server does not exist
Could not open certificate file ~stap-server/.systemtap/ssl/server/stap.cert for reading
No such file or directory
Unable to authorize certificate
Could not open certificate file ~stap-server/.systemtap/ssl/server/stap.cert for reading
No such file or directory
Unable to authorize certificate
Installed products updated.
  Verifying  : systemtap-server-1.8-1.el7.s390x                                                                               1/1 

Installed:
  systemtap-server.s390x 0:1.8-1.el7                                                                                              

Complete!

Version-Release number of selected component (if applicable):

systemtap-server-1.8-1.el7.s390x

How reproducible:

Always

Additional info:

Observed also on x86_64. Due to this, the server can't start: 

# service stap-server start
Starting stap-server -a "x86_64" -r "3.3.0-0.15.el7.x86_64" -u "stap-server" --log "/var/log/stap-server/log"
runuser: user stap-server does not exist
                                                           [FAILED]
Comment 1 Paul W. Frields 2012-07-13 14:55:50 EDT
type=AVC msg=audit(1342205570.209:367): avc:  denied  { write } for  pid=11210 comm="useradd" name="lib" dev="dm-1" ino=28 scontext=unconfined_u:unconfined_r:useradd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:var_lib_t:s0 tclass=dir

This happens when the %preinstall script tries to create the /var/lib/stap-server. Reassigning to selinux-policy to insure this is kosher and if so fix policy.
Comment 2 Daniel Walsh 2012-07-16 17:07:11 EDT
Why is useradd trying to write to /var/lib directory, is this where the user exists?
Comment 3 Miroslav Grepl 2012-07-16 17:14:44 EDT
Yes, the stap-server rpm script runs useradd to create stapuser with /var/lib/stapserver as homedir.

We have stapserver policy in rawhide.
Comment 4 Miroslav Grepl 2012-07-17 04:02:12 EDT

*** This bug has been marked as a duplicate of bug 828606 ***

Note You need to log in before you can comment on or make changes to this bug.