Project

Profile

Help

Issue #7678

vagrant, pulp_container, and pulp2-nightly-pulp3-source-centos7 don't like each other right now?

Added by ggainey about 2 months ago. Updated 26 days ago.

Status:
CLOSED - CURRENTRELEASE
Priority:
Normal
Sprint/Milestone:
-
Start date:
Due date:
Estimated time:
Severity:
2. Medium
Platform Release:
OS:
Triaged:
Yes
Groomed:
No
Sprint Candidate:
No
Tags:
Sprint:
Sprint 85
Quarter:

Description

Trying to boot a copy of pulp2-nightly-pulp3-source-centos7 that has pulp_rpm, pulp_file, and pulp_container enabled is failing.

Related commentary from IRC:

<ggainey> fao89: mikedep333 : https://paste.centos.org/view/eb7fe8a9
<fao89> it seems to be SELinux related
<ggainey> hm
<ggainey> I don't need pulp_container for what I'm trying to work on, I disabled it and will see if that gets me running
<ggainey> too many plugins in my env right this sec :0
<ggainey> :) even
<fao89> I think dkliban can help with this pulp_container thing
<dkliban> ggainey: interesting
<ggainey> dkliban: that's like when a doctor looks in your mouth and says "interesting" :)
<dkliban> we need to fix pulp_container config
<dkliban> i think you discovered a bug
* ggainey cheers sadly
<dkliban> LOL

Failing output from "vagrant up" :

Oct 07 19:25:16 pulp2-nightly-pulp3-source-centos7.padre-fedora.example.com ansible-seboolean[16745]: Invoked with state=True persistent=True name=httpd_can_network_connect ignore_selinux_state=False
Oct 07 19:25:16 pulp2-nightly-pulp3-source-centos7.padre-fedora.example.com sudo[16742]: pam_unix(sudo:session): session closed for user root
Oct 07 19:25:16 pulp2-nightly-pulp3-source-centos7.padre-fedora.example.com sudo[16757]:  vagrant : TTY=unknown ; PWD=/home/vagrant ; USER=root ; COMMAND=/bin/sh -c echo BECOME-SUCCESS-iebqkwwosduzcojlufetznkqytgyrost ; DJANGO_SETTINGS_MODULE=pulpcore.app.settings /usr/bin/python
Oct 07 19:25:16 pulp2-nightly-pulp3-source-centos7.padre-fedora.example.com sudo[16757]: pam_unix(sudo:session): session opened for user root by (uid=0)
Oct 07 19:25:17 pulp2-nightly-pulp3-source-centos7.padre-fedora.example.com ansible-yum[16760]: Invoked with lock_timeout=30 update_cache=False disable_excludes=None exclude=[] allow_downgrade=False disable_gpg_check=False conf_file=None use_backend=auto state=present disablerepo=[] rel
Oct 07 19:25:17 pulp2-nightly-pulp3-source-centos7.padre-fedora.example.com sudo[16757]: pam_unix(sudo:session): session closed for user root
Oct 07 19:25:17 pulp2-nightly-pulp3-source-centos7.padre-fedora.example.com sudo[16776]:  vagrant : TTY=unknown ; PWD=/home/vagrant ; USER=root ; COMMAND=/bin/sh -c echo BECOME-SUCCESS-tclbkqtrjnzkahfognahjrbrszfptmci ; DJANGO_SETTINGS_MODULE=pulpcore.app.settings /usr/bin/python
Oct 07 19:25:17 pulp2-nightly-pulp3-source-centos7.padre-fedora.example.com sudo[16776]: pam_unix(sudo:session): session opened for user root by (uid=0)
Oct 07 19:25:17 pulp2-nightly-pulp3-source-centos7.padre-fedora.example.com ansible-systemd[16779]: Invoked with no_block=False force=None name=firewalld daemon_reexec=False enabled=True daemon_reload=False state=started masked=None scope=None user=None
Oct 07 19:25:17 pulp2-nightly-pulp3-source-centos7.padre-fedora.example.com sudo[16776]: pam_unix(sudo:session): session closed for user root
Oct 07 19:25:17 pulp2-nightly-pulp3-source-centos7.padre-fedora.example.com sudo[16795]:  vagrant : TTY=unknown ; PWD=/home/vagrant ; USER=root ; COMMAND=/bin/sh -c echo BECOME-SUCCESS-hyewtxwokdhboscogbwcqbdvzhhaubgi ; DJANGO_SETTINGS_MODULE=pulpcore.app.settings /usr/bin/python
Oct 07 19:25:17 pulp2-nightly-pulp3-source-centos7.padre-fedora.example.com sudo[16795]: pam_unix(sudo:session): session opened for user root by (uid=0)
Oct 07 19:25:17 pulp2-nightly-pulp3-source-centos7.padre-fedora.example.com ansible-firewalld[16798]: Invoked with icmp_block_inversion=None zone=None service=http masquerade=None icmp_block=None immediate=True source=None state=enabled permanent=True timeout=0 interface=None offline=No
Oct 07 19:25:17 pulp2-nightly-pulp3-source-centos7.padre-fedora.example.com sudo[16795]: pam_unix(sudo:session): session closed for user root
Oct 07 19:25:17 pulp2-nightly-pulp3-source-centos7.padre-fedora.example.com sudo[16812]:  vagrant : TTY=unknown ; PWD=/home/vagrant ; USER=root ; COMMAND=/bin/sh -c echo BECOME-SUCCESS-idlyxzvcfljyvtodowonaeonmowmuthi ; DJANGO_SETTINGS_MODULE=pulpcore.app.settings /usr/bin/python
Oct 07 19:25:17 pulp2-nightly-pulp3-source-centos7.padre-fedora.example.com sudo[16812]: pam_unix(sudo:session): session opened for user root by (uid=0)
Oct 07 19:25:18 pulp2-nightly-pulp3-source-centos7.padre-fedora.example.com ansible-systemd[16815]: Invoked with no_block=False force=None name=httpd daemon_reexec=False enabled=None daemon_reload=True state=reloaded user=None scope=None masked=None
Oct 07 19:25:18 pulp2-nightly-pulp3-source-centos7.padre-fedora.example.com systemd[1]: Reloading.
Oct 07 19:25:18 pulp2-nightly-pulp3-source-centos7.padre-fedora.example.com systemd[1]: Reloading The Apache HTTP Server.
-- Subject: Unit httpd.service has begun reloading its configuration
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit httpd.service has begun reloading its configuration
**Oct 07 19:25:18 pulp2-nightly-pulp3-source-centos7.padre-fedora.example.com httpd[16834]: httpd: Syntax error on line 353 of /etc/httpd/conf/httpd.conf: Syntax error on line 25 of /etc/httpd/conf.d/pulp-vhost.conf: Could not open configuration file /etc/httpd/pulp/pulp_container.conf: P
**Oct 07 19:25:18 pulp2-nightly-pulp3-source-centos7.padre-fedora.example.com systemd[1]: httpd.service: control process exited, code=exited status=1
Oct 07 19:25:18 pulp2-nightly-pulp3-source-centos7.padre-fedora.example.com systemd[1]: Reload failed for The Apache HTTP Server.
-- Subject: Unit httpd.service has finished reloading its configuration
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit httpd.service has finished reloading its configuration

History

#1 Updated by ggainey about 2 months ago

  • Project changed from Debian Support to Container Support

#2 Updated by dkliban@redhat.com about 2 months ago

  • Status changed from NEW to ASSIGNED
  • Assignee set to dkliban@redhat.com
  • Triaged changed from No to Yes
  • Sprint set to Sprint 83

#3 Updated by rchan about 2 months ago

  • Sprint changed from Sprint 83 to Sprint 84

#4 Updated by dkliban@redhat.com about 1 month ago

I was not able to reproduce when using the pulp_installer submodule commit referenced on the master branch of pulplift.

This is an SELinux problem that only appears when using the latest commit from the pulp_installer repo. httpd is not able to read the webserver snipped symlinked from the pulp_container repo that the developer is using.

While the symlink itself has the right SELinux context:

[vagrant@pulp2-nightly-pulp3-source-centos7 ~]$ ls -laZ /etc/httpd/pulp/pulp_container.conf
lrwxrwxrwx. root root unconfined_u:object_r:httpd_config_t:s0 /etc/httpd/pulp/pulp_container.conf -> /home/vagrant/devel/pulp_container/pulp_container/app/webserver_snippets/apache.conf

The actual file does not:

[vagrant@pulp2-nightly-pulp3-source-centos7 ~]$ ls -laZ /home/vagrant/devel/pulp_container/pulp_container/app/webserver_snippets/apache.conf
-rw-rw-r--. vagrant vagrant system_u:object_r:fusefs_t:s0    /home/vagrant/devel/pulp_container/pulp_container/app/webserver_snippets/apache.conf

#5 Updated by rchan about 1 month ago

  • Sprint changed from Sprint 84 to Sprint 85

#6 Updated by dkliban@redhat.com 26 days ago

  • Status changed from ASSIGNED to CLOSED - CURRENTRELEASE

Please register to edit this issue

Also available in: Atom PDF