Bug 920738
| Summary: | GlusterFS volume creation fails (SELinux) | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | Red Hat OpenStack | Reporter: | Eric Harney <eharney> | ||||||
| Component: | openstack-selinux | Assignee: | RHOS Maint <rhos-maint> | ||||||
| Status: | CLOSED DUPLICATE | QA Contact: | Yaniv Kaul <ykaul> | ||||||
| Severity: | unspecified | Docs Contact: | |||||||
| Priority: | unspecified | ||||||||
| Version: | 2.1 | CC: | jkt, lhh | ||||||
| Target Milestone: | snapshot5 | ||||||||
| Target Release: | 2.1 | ||||||||
| Hardware: | Unspecified | ||||||||
| OS: | Unspecified | ||||||||
| Whiteboard: | |||||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||||
| Doc Text: | Story Points: | --- | |||||||
| Clone Of: | Environment: | ||||||||
| Last Closed: | 2013-03-12 17:59:07 UTC | Type: | Bug | ||||||
| Regression: | --- | Mount Type: | --- | ||||||
| Documentation: | --- | CRM: | |||||||
| Verified Versions: | Category: | --- | |||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||
| Embargoed: | |||||||||
| Bug Depends On: | 917972 | ||||||||
| Bug Blocks: | |||||||||
| Attachments: |
|
||||||||
Created attachment 709068 [details]
audit log (permissive mode)
Created attachment 709069 [details]
audit log (enforcing)
*** This bug has been marked as a duplicate of bug 917972 *** |
Description of problem: When using the GlusterFS volume driver, volumes created will end up in the error state. Version-Release number of selected component (if applicable): openstack-selinux-0.1.2-6.el6ost.noarch openstack-cinder-2012.2.3-6.el6ost.noarch Steps to Reproduce: 1. Configure volume_driver for gluster in /etc/cinder/cinder.conf 2. # cinder create 1 Actual results: Volume ends up in error state rather than available. Additional info: In audit.log: type=AVC msg=audit(1363102825.840:603): avc: denied { execute } for pid=4653 comm="mount.glusterfs" name="glusterfsd" dev=vda3 ino=19781 scontext=unconfined_u:system_r:mount_t:s0 tcontext=system_u:object_r:glusterd_exec_t:s0 tclass=file cinder volume.log: 2013-03-12 11:47:30 DEBUG cinder.utils [req-66498b32-9f6c-4c6d-a000-fc3b39cccd8d 695bdf8a46f948b48776e235eb2357bc 3e1cda4cdc424a69a11bc055fbdbbbd4] Running cmd (subprocess): sudo cinder-rootwrap /etc/cinder/rootwrap.conf mount -t glusterfs gluster.local:/testvol /var/lib/cinder/mnt/9408013824306004237 execute /usr/lib/python2.6/site-packages/cinder/utils.py:167 2013-03-12 11:47:30 DEBUG cinder.utils [req-66498b32-9f6c-4c6d-a000-fc3b39cccd8d 695bdf8a46f948b48776e235eb2357bc 3e1cda4cdc424a69a11bc055fbdbbbd4] Result was 1 execute /usr/lib/python2.6/site-packages/cinder/utils.py:184 2013-03-12 11:47:30 WARNING cinder.volume.glusterfs [req-66498b32-9f6c-4c6d-a000-fc3b39cccd8d 695bdf8a46f948b48776e235eb2357bc 3e1cda4cdc424a69a11bc055fbdbbbd4] Exception during mounting Unexpected error while running command. Command: sudo cinder-rootwrap /etc/cinder/rootwrap.conf mount -t glusterfs gluster.local:/testvol /var/lib/cinder/mnt/9408013824306004237 Exit code: 1 Stdout: 'Mount failed. Please check the log file for more details.\n' Stderr: '/sbin/mount.glusterfs: line 134: /usr/sbin/glusterfs: Permission denied\n' 2013-03-12 11:47:30 DEBUG cinder.volume.glusterfs [req-66498b32-9f6c-4c6d-a000-fc3b39cccd8d 695bdf8a46f948b48776e235eb2357bc 3e1cda4cdc424a69a11bc055fbdbbbd4] Available shares [] _ensure_shares_mounted /usr/lib/python2.6/site-packages/cinder/volume/glusterfs.py:171 2013-03-12 11:47:30 8932 ERROR cinder.openstack.common.rpc.amqp [-] Exception during message handling 2013-03-12 11:47:30 8932 TRACE cinder.openstack.common.rpc.amqp Traceback (most recent call last): 2013-03-12 11:47:30 8932 TRACE cinder.openstack.common.rpc.amqp File "/usr/lib/python2.6/site-packages/cinder/openstack/common/rpc/amqp.py", line 276, in _process_data 2013-03-12 11:47:30 8932 TRACE cinder.openstack.common.rpc.amqp rval = self.proxy.dispatch(ctxt, version, method, **args) 2013-03-12 11:47:30 8932 TRACE cinder.openstack.common.rpc.amqp File "/usr/lib/python2.6/site-packages/cinder/openstack/common/rpc/dispatcher.py", line 145, in dispatch 2013-03-12 11:47:30 8932 TRACE cinder.openstack.common.rpc.amqp return getattr(proxyobj, method)(ctxt, **kwargs) 2013-03-12 11:47:30 8932 TRACE cinder.openstack.common.rpc.amqp File "/usr/lib/python2.6/site-packages/cinder/volume/manager.py", line 163, in create_volume 2013-03-12 11:47:30 8932 TRACE cinder.openstack.common.rpc.amqp volume_ref['id'], {'status': 'error'}) 2013-03-12 11:47:30 8932 TRACE cinder.openstack.common.rpc.amqp File "/usr/lib64/python2.6/contextlib.py", line 23, in __exit__ 2013-03-12 11:47:30 8932 TRACE cinder.openstack.common.rpc.amqp self.gen.next() 2013-03-12 11:47:30 8932 TRACE cinder.openstack.common.rpc.amqp File "/usr/lib/python2.6/site-packages/cinder/volume/manager.py", line 135, in create_volume 2013-03-12 11:47:30 8932 TRACE cinder.openstack.common.rpc.amqp model_update = self.driver.create_volume(volume_ref) 2013-03-12 11:47:30 8932 TRACE cinder.openstack.common.rpc.amqp File "/usr/lib/python2.6/site-packages/cinder/volume/glusterfs.py", line 90, in create_volume 2013-03-12 11:47:30 8932 TRACE cinder.openstack.common.rpc.amqp volume['provider_location'] = self._find_share(volume['size']) 2013-03-12 11:47:30 8932 TRACE cinder.openstack.common.rpc.amqp File "/usr/lib/python2.6/site-packages/cinder/volume/glusterfs.py", line 191, in _find_share 2013-03-12 11:47:30 8932 TRACE cinder.openstack.common.rpc.amqp raise exception.GlusterfsNoSharesMounted() 2013-03-12 11:47:30 8932 TRACE cinder.openstack.common.rpc.amqp GlusterfsNoSharesMounted: No mounted Gluster shares found 2013-03-12 11:47:30 8932 TRACE cinder.openstack.common.rpc.amqp