Project

General

Profile

Actions
Copy link

Bug #18619

closed

Elasticsearch port removal upgrade path does not work

Added by Lukas Zapletal about 7 years ago. Updated about 7 years ago.

Status:
Rejected
Priority:
Normal
Assignee:
-
Category:
General Foreman
Target version:
-
Difficulty:
Triaged:
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

Upgrading foreman-selinux to the newest version does not work, users are ending up with disabled policy. This is what is shown during yum transaction:

libsepol.context_from_record: type elasticsearch_port_t is not defined (No such file or directory).
libsepol.context_from_record: could not create context structure (Invalid argument).
libsepol.port_from_record: could not create port structure for range 9200:9300 (tcp) (Invalid argument).
libsepol.sepol_port_modify: could not load port range 9200 - 9300 (tcp) (Invalid argument).
libsemanage.dbase_policydb_modify: could not modify record value (Invalid argument).
libsemanage.semanage_base_merge_components: could not merge local modifications into policy (Invalid argument).
OSError: Invalid argument

After the ugprade, foreman SELinux module is NOT loaded.

WORKAROUND: Reinstall the RPM once again or use foreman-selinux-enable script and policy loads fine.

The problem is ordering of elasticsearch port removal in the enable script.

Actions
Copy link
 #1

Updated by Lukas Zapletal about 7 years ago

  • Status changed from New to Rejected

Could not reproduce, invalid bug. This is downstream only, upstream the ordering is correct.

Actions
Copy link

Also available in: Atom PDF