Description of problem: According to https://engineering.redhat.com/trac/Libra/wiki/OSOP/ScriptedInstalls, after installed ose-1.1 env, tmp polyinstanciation is missing. Should add the following line into configure_pam_on_node function of installation script. <--snip--> # if the user does not exist on the system an error will show up in # /var/log/secure. user_list="root,adm,apache" for user in gdm activemq mongodb; do id -u "$user" >/dev/null 2>&1 if [ X"$?" == X"0" ]; then user_list="${user_list},${user}" fi done echo "/tmp \$HOME/.tmp/ user:iscript=/usr/sbin/oo-namespace-init ${user_list}" > /etc/security/namespace.d/tmp.conf echo "/dev/shm tmpfs tmpfs:mntopts=size=5M:iscript=/usr/sbin/oo-namespace-init ${user_list}" > /etc/security/namespace.d/shm.conf <--snip--> Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
Found this issue when doing upgrade testing to prepare testing data.
I'll investigate this. Polyinstanciation for 1.1 should have been handled by the pam_openshift package.
After running the 1.1 installation script against the latest 1.1 puddle I see the following on my system: rpm -qf /etc/security/namespace.d/tmp.conf pam_openshift-1.0.7-1.el6op.x86_64 I verified that this is indeed the latest package currently available in RHN for 1.1. I'm going to close this. I've I've misunderstood something please reopen.
I think Johnny means that the part of the script he pasted is present in the 1.2 openshift.ks but not in the 1.1 version. Which it never has been. I'm guessing something about pam_openshift changed to make that necessary.
Yes, sorry, I failed to mention that pam_openshift in 1.2 no longer ships the default configuration.
Sorry for confuse. I did more dig into this issue. In the 1.1.z build, /etc/security/namespace.d/tmp.conf is indeed installed by pam_openshift, but after upgrade, the old pam_openshift is removed, so /etc/security/namespace.d/tmp.conf is removed, after new pam_openshift is installed, there is no /etc/security/namespace.d/tmp.conf in this packages, need manually create it. So that means after upgrade, tmp polyinstanciation is not enabled. Here is reproduce steps: 1. create two jbosseap applications in 1.1.z env 2. do upgrade process. 3. When migrate jbosseap gears, it throws the following error: <--snip--> Starting gear with uuid 'bc9bb8d519a74eeeb0781c2f851bcd69' on node 'node.ose11test.com ' Start gear failed with an exception: Failed to execute: 'control start' for /var/lib/openshift/bc9bb8d519a74eeeb0781c2f851bcd69/jbosseap Marking step start_gear complete Validating gear bc9bb8d519a74eeeb0781c2f851bcd69 post-migration Pre-migration state: started Post-migration response code: 503 <--snip-->
https://github.com/openshift/enterprise/pull/20
Verified this bug with openshift-enterprise-upgrade-node-1.2-1.git.83.a254045.el6op.noarch in 1.2/2013-06-20.5, and PASS. tmp ployinstanciation is enabled after migration.
Closing all bugs introduced, fixed, and verified during 1.2 release work (thus never shipped).