Actions
Bug #18619
closedElasticsearch port removal upgrade path does not work
Status:
Rejected
Priority:
Normal
Assignee:
-
Category:
General Foreman
Target version:
-
Description
Upgrading foreman-selinux to the newest version does not work, users are ending up with disabled policy. This is what is shown during yum transaction:
libsepol.context_from_record: type elasticsearch_port_t is not defined (No such file or directory). libsepol.context_from_record: could not create context structure (Invalid argument). libsepol.port_from_record: could not create port structure for range 9200:9300 (tcp) (Invalid argument). libsepol.sepol_port_modify: could not load port range 9200 - 9300 (tcp) (Invalid argument). libsemanage.dbase_policydb_modify: could not modify record value (Invalid argument). libsemanage.semanage_base_merge_components: could not merge local modifications into policy (Invalid argument). OSError: Invalid argument
After the ugprade, foreman SELinux module is NOT loaded.
WORKAROUND: Reinstall the RPM once again or use foreman-selinux-enable
script and policy loads fine.
The problem is ordering of elasticsearch port removal in the enable script.
Updated by Lukas Zapletal about 7 years ago
- Status changed from New to Rejected
Could not reproduce, invalid bug. This is downstream only, upstream the ordering is correct.
Actions