.live.[root@x86-64-6s-v2-cfse tps]# ls -al /etc/katello/secure/passphrase ls: cannot access /etc/katello/secure/passphrase: No such file or directory .live.[root@x86-64-6s-v2-cfse tps]# tps-upgrade Upgrading 2012:13709 using command: rpm -Uvh $( tps-filter-filelist -u ) Preparing... ########################################### [100%] 1:puppet ########################################### [ 2%] 2:pulp-common ########################################### [ 5%] 3:pulp-client-lib ########################################### [ 7%] 4:rubygem-activesupport ########################################### [ 9%] 5:rubygem-delayed_job ########################################### [ 12%] 6:rubygem-chunky_png ########################################### [ 14%] 7:rubygem-compass ########################################### [ 16%] 8:rubygem-compass-960-plu########################################### [ 19%] 9:rubygem-net-ldap ########################################### [ 21%] 10:rubygem-ldap_fluff ########################################### [ 23%] 11:rubygem-mail ########################################### [ 26%] 12:quartz ########################################### [ 28%] 13:candlepin ########################################### [ 30%] 14:candlepin-tomcat6 ########################################### [ 33%] 15:candlepin-selinux ########################################### [ 35%] 16:katello-cli-common ########################################### [ 37%] 17:katello-cli ########################################### [ 40%] 18:grinder ########################################### [ 42%] 19:rubygem-apipie-rails ########################################### [ 44%] 20:katello-common ########################################### [ 47%] 21:katello-glue-pulp ########################################### [ 49%] 22:katello-selinux ########################################### [ 51%] libsepol.print_missing_requirements: katello's global requirements were not met: type/attribute unconfined_t (No such file or directory). libsemanage.semanage_link_sandbox: Link packages failed (No such file or directory). /usr/sbin/semanage: Could not commit semanage transaction /sbin/restorecon reset /etc/katello/secure context system_u:object_r:etc_t:s0->system_u:object_r:katello_secetc_dir_t:s0 23:katello-glue-candlepin ########################################### [ 53%] 24:katello ########################################### [ 56%] 25:katello-certs-tools ########################################### [ 58%] 26:katello-configure ########################################### [ 60%] 27:rubygem-sqlite3 ########################################### [ 63%] 28:pulp-selinux-server ########################################### [ 65%] 29:pulp ########################################### [ 67%] 30:katello-all ########################################### [ 70%] 31:ruby-sqlite3 ########################################### [ 72%] 32:katello-api-docs ########################################### [ 74%] 33:katello-cli-tests ########################################### [ 77%] 34:rubygem-mail-doc ########################################### [ 79%] 35:rubygem-compass-960-plu########################################### [ 81%] 36:rubygem-delayed_job-doc########################################### [ 84%] 37:rubygem-actionpack ########################################### [ 86%] 38:pulp-admin ########################################### [ 88%] 39:pulp-consumer ########################################### [ 91%] 40:puppet-server ########################################### [ 93%] 41:rubygem-sqlite3-debugin########################################### [ 95%] 42:candlepin-devel ########################################### [ 98%] 43:converge-ui-devel ########################################### [100%] .live.[root@x86-64-6s-v2-cfse tps]# /usr/sbin/katello-selinux-enable libsepol.print_missing_requirements: katello's global requirements were not met: type/attribute unconfined_t (No such file or directory). libsemanage.semanage_link_sandbox: Link packages failed (No such file or directory). /usr/sbin/semanage: Could not commit semanage transaction .live.[root@x86-64-6s-v2-cfse tps]#
Tested a non-upgrade scenario and it worked fine. Testing an upgrade scenario now.
I was not able to reproduce this by upgrading from SE 1.0 to 1.1 with selinux enabled. Nor by running selinux-enable Installing : quartz-2.1.5-4.el6cf.noarch 59/93 Updating : candlepin-0.7.8-1.el6cf.noarch 60/93 Updating : candlepin-tomcat6-0.7.8-1.el6cf.noarch 61/93 Installing : candlepin-selinux-0.7.8-1.el6cf.noarch 62/93 Installing : rubygem-apipie-rails-0.0.11-2.el6cf.noarch 63/93 Updating : katello-common-1.1.12-12.el6cf.noarch 64/93 warning: /etc/httpd/conf.d/katello.conf created as /etc/httpd/conf.d/katello.conf.rpmnew warning: /etc/katello/katello.yml created as /etc/katello/katello.yml.rpmnew warning: /etc/katello/thin.yml created as /etc/katello/thin.yml.rpmnew Updating : katello-selinux-1.1.1-1.el6cf.noarch 65/93 Updating : katello-glue-candlepin-1.1.12-12.el6cf.noarch 66/93 Updating : katello-glue-pulp-1.1.12-12.el6cf.noarch 67/93 Updating : katello-1.1.12-12.el6cf.noarch 68/93 Updating : katello-all-1.1.12-12.el6cf.noarch 69/93 Updating : 1:rubygem-actionpack-3.0.10-10.el6cf.noarch 70/93 Updating : rubygem-mail-2.3.0-3.el6cf.noarch 71/93 Cleanup : katello-all-0.1.311-1.el6_2.noarch <SNIP> Works with katello-selinux-enable too: [root@dhcp77-152 ~]# katello-selinux-enable [root@dhcp77-152 ~]# Can you provide any other steps to reproduce?
no .. I don't have any other steps to reproduce at this point. I'm trying the work around mentioned in this bug https://bugzilla.redhat.com/show_bug.cgi?id=511067 ...
This appears to be fixed in: https://github.com/Katello/katello/commit/508a1e5912e0c3ea3347af7cb44f69034006636f or at least making that change appears to fix katello-selinux-enable. From what i understand that makes sense as the error is occuring when installing the selinux module for mls mode (targeted works fine). Mirek, Do you see any issues with bringing this into System engine 1.1? Since we don't support mls i would think it would be ok. Can you confirm? Thanks, -Justin
I see no issues in cherry picking that commit to 1.1. But I do not think it is cause of this error. I would really like to get login on machine where it reproduces or get deterministic reproducer.
I got hands on reproducer and I agree that patch from #4 is correct fix.
TPS is no longer showing this issue, marking as VERIFIED: * candlepin-0.7.8.1-1.el6cf.noarch * candlepin-selinux-0.7.8.1-1.el6cf.noarch * candlepin-tomcat6-0.7.8.1-1.el6cf.noarch * katello-1.1.12-17.el6cf.noarch * katello-all-1.1.12-17.el6cf.noarch * katello-candlepin-cert-key-pair-1.0-1.noarch * katello-certs-tools-1.1.8-1.el6cf.noarch * katello-cli-1.1.8-9.el6cf.noarch * katello-cli-common-1.1.8-9.el6cf.noarch * katello-common-1.1.12-17.el6cf.noarch * katello-configure-1.1.9-8.el6cf.noarch * katello-glue-candlepin-1.1.12-17.el6cf.noarch * katello-glue-pulp-1.1.12-17.el6cf.noarch * katello-qpid-broker-key-pair-1.0-1.noarch * katello-qpid-client-key-pair-1.0-1.noarch * katello-selinux-1.1.1-2.el6cf.noarch * pulp-1.1.14-1.el6cf.noarch * pulp-common-1.1.14-1.el6cf.noarch * pulp-selinux-server-1.1.14-1.el6cf.noarch
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHSA-2012-1543.html