Project

Profile

Help

Issue #2961

Updated by Ichimonji10 over 6 years ago

Pulp 2.14 beta 3 cannot successfully be installed and used on Fedora 26 using pulp_packaging. 26. A couple changes have already been made to make Pulp 2.14 beta 3 installable on Fedora 26 using pulp_packaging: 26: 

 * "Work around inability to install groups on F26":https://github.com/pulp/pulp_packaging/pull/414 
 * "Ensure /etc/pki/CA is present on Fedora 26":https://github.com/pulp/pulp_packaging/pull/415 

 With these changes in place, this error (and many more) are logged when Pulp starts up: 

 <pre> 
 Aug 07 15:05:38 fedora-26-pulp-2-14-beta pulp[31876]: pulp.server.webservices.middleware.exception:ERROR: Unhandled Exception 
 Aug 07 15:05:38 fedora-26-pulp-2-14-beta pulp[31876]: pulp.server.webservices.middleware.exception:ERROR: (31876-77952) error signing cert request: Signature ok 
 Aug 07 15:05:38 fedora-26-pulp-2-14-beta pulp[31876]: pulp.server.webservices.middleware.exception:ERROR: (31876-77952) subject=CN = admin:admin:5988b93144e534662b1fc1a2 
 Aug 07 15:05:38 fedora-26-pulp-2-14-beta pulp[31876]: pulp.server.webservices.middleware.exception:ERROR: (31876-77952) Getting CA Private Key 
 Aug 07 15:05:38 fedora-26-pulp-2-14-beta pulp[31876]: pulp.server.webservices.middleware.exception:ERROR: (31876-77952) Can't open /etc/pki/pulp/ca.key for reading, Permission denied 
 Aug 07 15:05:38 fedora-26-pulp-2-14-beta pulp[31876]: pulp.server.webservices.middleware.exception:ERROR: (31876-77952) 139724785673984:error:0200100D:system library:fopen:Permission denied:crypto/bio/bss_file.c:74:fopen('/etc/pki/pulp/ca.key','r') 
 Aug 07 15:05:38 fedora-26-pulp-2-14-beta pulp[31876]: pulp.server.webservices.middleware.exception:ERROR: (31876-77952) 139724785673984:error:2006D002:BIO routines:BIO_new_file:system lib:crypto/bio/bss_file.c:83: 
 Aug 07 15:05:38 fedora-26-pulp-2-14-beta pulp[31876]: pulp.server.webservices.middleware.exception:ERROR: (31876-77952) unable to load CA Private Key 
 Aug 07 15:05:38 fedora-26-pulp-2-14-beta pulp[31876]: pulp.server.webservices.middleware.exception:ERROR: (31876-77952) unable to write 'random state' 
 Aug 07 15:05:38 fedora-26-pulp-2-14-beta pulp[31876]: pulp.server.webservices.middleware.exception:ERROR: (31876-77952) 
 Aug 07 15:05:38 fedora-26-pulp-2-14-beta pulp[31876]: pulp.server.webservices.middleware.exception:ERROR: (31876-77952) Traceback (most recent call last): 
 Aug 07 15:05:38 fedora-26-pulp-2-14-beta pulp[31876]: pulp.server.webservices.middleware.exception:ERROR: (31876-77952)     File "/usr/lib/python2.7/site-packages/django/core/handlers/base.py", line 185, in _get_response 
 Aug 07 15:05:38 fedora-26-pulp-2-14-beta pulp[31876]: pulp.server.webservices.middleware.exception:ERROR: (31876-77952)       response = wrapped_callback(request, *callback_args, **callback_kwargs) 
 Aug 07 15:05:38 fedora-26-pulp-2-14-beta pulp[31876]: pulp.server.webservices.middleware.exception:ERROR: (31876-77952)     File "/usr/lib/python2.7/site-packages/django/views/generic/base.py", line 68, in view 
 Aug 07 15:05:38 fedora-26-pulp-2-14-beta pulp[31876]: pulp.server.webservices.middleware.exception:ERROR: (31876-77952)       return self.dispatch(request, *args, **kwargs) 
 Aug 07 15:05:38 fedora-26-pulp-2-14-beta pulp[31876]: pulp.server.webservices.middleware.exception:ERROR: (31876-77952)     File "/usr/lib/python2.7/site-packages/django/views/generic/base.py", line 88, in dispatch 
 Aug 07 15:05:38 fedora-26-pulp-2-14-beta pulp[31876]: pulp.server.webservices.middleware.exception:ERROR: (31876-77952)       return handler(request, *args, **kwargs) 
 Aug 07 15:05:38 fedora-26-pulp-2-14-beta pulp[31876]: pulp.server.webservices.middleware.exception:ERROR: (31876-77952)     File "/usr/lib/python2.7/site-packages/pulp/server/webservices/views/decorators.py", line 241, in _auth_decorator 
 Aug 07 15:05:38 fedora-26-pulp-2-14-beta pulp[31876]: pulp.server.webservices.middleware.exception:ERROR: (31876-77952)       return _verify_auth(self, operation, super_user_only, method, *args, **kwargs) 
 Aug 07 15:05:38 fedora-26-pulp-2-14-beta pulp[31876]: pulp.server.webservices.middleware.exception:ERROR: (31876-77952)     File "/usr/lib/python2.7/site-packages/pulp/server/webservices/views/decorators.py", line 195, in _verify_auth 
 Aug 07 15:05:38 fedora-26-pulp-2-14-beta pulp[31876]: pulp.server.webservices.middleware.exception:ERROR: (31876-77952)       value = method(self, *args, **kwargs) 
 Aug 07 15:05:38 fedora-26-pulp-2-14-beta pulp[31876]: pulp.server.webservices.middleware.exception:ERROR: (31876-77952)     File "/usr/lib/python2.7/site-packages/pulp/server/webservices/views/root_actions.py", line 25, in post 
 Aug 07 15:05:38 fedora-26-pulp-2-14-beta pulp[31876]: pulp.server.webservices.middleware.exception:ERROR: (31876-77952)       key, certificate = factory.cert_generation_manager().make_admin_user_cert(user) 
 Aug 07 15:05:38 fedora-26-pulp-2-14-beta pulp[31876]: pulp.server.webservices.middleware.exception:ERROR: (31876-77952)     File "/usr/lib/python2.7/site-packages/pulp/server/managers/auth/cert/cert_generator.py", line 31, in make_admin_user_cert 
 Aug 07 15:05:38 fedora-26-pulp-2-14-beta pulp[31876]: pulp.server.webservices.middleware.exception:ERROR: (31876-77952)       return self.make_cert(self.encode_admin_user(user), expiration) 
 Aug 07 15:05:38 fedora-26-pulp-2-14-beta pulp[31876]: pulp.server.webservices.middleware.exception:ERROR: (31876-77952)     File "/usr/lib/python2.7/site-packages/pulp/server/managers/auth/cert/cert_generator.py", line 85, in make_cert 
 Aug 07 15:05:38 fedora-26-pulp-2-14-beta pulp[31876]: pulp.server.webservices.middleware.exception:ERROR: (31876-77952)       raise Exception("error signing cert request: %%s" %% output) 
 Aug 07 15:05:38 fedora-26-pulp-2-14-beta pulp[31876]: pulp.server.webservices.middleware.exception:ERROR: (31876-77952) Exception: error signing cert request: Signature ok 
 Aug 07 15:05:38 fedora-26-pulp-2-14-beta pulp[31876]: pulp.server.webservices.middleware.exception:ERROR: (31876-77952) subject=CN = admin:admin:5988b93144e534662b1fc1a2 
 Aug 07 15:05:38 fedora-26-pulp-2-14-beta pulp[31876]: pulp.server.webservices.middleware.exception:ERROR: (31876-77952) Getting CA Private Key 
 Aug 07 15:05:38 fedora-26-pulp-2-14-beta pulp[31876]: pulp.server.webservices.middleware.exception:ERROR: (31876-77952) Can't open /etc/pki/pulp/ca.key for reading, Permission denied 
 Aug 07 15:05:38 fedora-26-pulp-2-14-beta pulp[31876]: pulp.server.webservices.middleware.exception:ERROR: (31876-77952) 139724785673984:error:0200100D:system library:fopen:Permission denied:crypto/bio/bss_file.c:74:fopen('/etc/pki/pulp/ca.key','r') 
 Aug 07 15:05:38 fedora-26-pulp-2-14-beta pulp[31876]: pulp.server.webservices.middleware.exception:ERROR: (31876-77952) 139724785673984:error:2006D002:BIO routines:BIO_new_file:system lib:crypto/bio/bss_file.c:83: 
 Aug 07 15:05:38 fedora-26-pulp-2-14-beta pulp[31876]: pulp.server.webservices.middleware.exception:ERROR: (31876-77952) unable to load CA Private Key 
 Aug 07 15:05:38 fedora-26-pulp-2-14-beta pulp[31876]: pulp.server.webservices.middleware.exception:ERROR: (31876-77952) unable to write 'random state' 
 Aug 07 15:05:38 fedora-26-pulp-2-14-beta pulp[31876]: pulp.server.webservices.middleware.exception:ERROR: (31876-77952) 
 </pre> 

 It looks like <code>/etc/pki/pulp/ca.key</code> is unreadable: 

 <pre>[root@fedora-26-pulp-2-14-beta ~]# ls -laZ /etc/pki/pulp/ 
 total 16 
 drwxr-xr-x.    3 root     root     system_u:object_r:pulp_cert_t:s0         83 Aug    7 15:02 . 
 drwxr-xr-x. 10 root     root     system_u:object_r:cert_t:s0             110 Aug    7 15:04 .. 
 -rw-r-----.    1 root     apache unconfined_u:object_r:pulp_cert_t:s0 1753 Aug    7 15:02 ca.crt 
 -rw-------.    1 root     apache unconfined_u:object_r:pulp_cert_t:s0 3247 Aug    7 15:02 ca.key 
 drwxr-xr-x.    2 apache apache system_u:object_r:pulp_cert_t:s0          6 Aug    2 12:44 content 
 -rw-r-----.    1 root     apache unconfined_u:object_r:pulp_cert_t:s0 1679 Aug    7 15:02 rsa.key 
 -rw-r--r--.    1 root     apache unconfined_u:object_r:pulp_cert_t:s0    451 Aug    7 15:02 rsa_pub.key 
 </pre> 

 A work-around is to execute the following: 

 <pre><code>chmod g+r /etc/pki/pulp/ca.key 
 systemctl restart httpd pulp_{celerybeat,resource_manager,workers} 
 </code></pre> 

 This done, Pulp will start, but different errors will start being logged. For example: 

 <pre>Aug 07 15:19:06 fedora-26-pulp-2-14-beta audit[954]: AVC avc:    denied    { read } for    pid=954 comm="pulp_streamer" name="cpu" dev="sysfs" ino=33 scontext=system_u:system_r:streamer_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=dir permissive=0 
 Aug 07 15:19:07 fedora-26-pulp-2-14-beta audit[958]: AVC avc:    denied    { read } for    pid=958 comm="celery" name="cpu" dev="sysfs" ino=33 scontext=system_u:system_r:celery_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=dir permissive=0 
 Aug 07 15:19:07 fedora-26-pulp-2-14-beta audit[978]: AVC avc:    denied    { read } for    pid=978 comm="celery" name="cpu" dev="sysfs" ino=33 scontext=system_u:system_r:celery_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=dir permissive=0 
 Aug 07 15:19:07 fedora-26-pulp-2-14-beta audit[959]: AVC avc:    denied    { read } for    pid=959 comm="celery" name="cpu" dev="sysfs" ino=33 scontext=system_u:system_r:celery_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=dir permissive=0 
 </pre> 

 And: 

 <pre>Aug 07 15:19:09 fedora-26-pulp-2-14-beta audit[978]: AVC avc:    denied    { getattr } for    pid=978 comm="celery" name="/" dev="tmpfs" ino=10791 scontext=system_u:system_r:celery_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=filesystem permissive=0 
 Aug 07 15:19:09 fedora-26-pulp-2-14-beta audit[978]: AVC avc:    denied    { getattr } for    pid=978 comm="celery" name="/" dev="tmpfs" ino=10791 scontext=system_u:system_r:celery_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=filesystem permissive=0 
 Aug 07 15:19:09 fedora-26-pulp-2-14-beta audit[978]: AVC avc:    denied    { getattr } for    pid=978 comm="celery" name="/" dev="tmpfs" ino=10793 scontext=system_u:system_r:celery_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=filesystem permissive=0 
 Aug 07 15:19:09 fedora-26-pulp-2-14-beta audit[978]: AVC avc:    denied    { getattr } for    pid=978 comm="celery" name="/" dev="tmpfs" ino=10794 scontext=system_u:system_r:celery_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=filesystem permissive=0 
 Aug 07 15:19:09 fedora-26-pulp-2-14-beta audit[978]: AVC avc:    denied    { getattr } for    pid=978 comm="celery" name="/" dev="tmpfs" ino=18993 scontext=system_u:system_r:celery_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=filesystem permissive=0 
 Aug 07 15:19:09 fedora-26-pulp-2-14-beta pulp[978]: celery.worker:CRITICAL: (978-64480) Unrecoverable error: OSError(38, 'Function not implemented') 
 Aug 07 15:19:09 fedora-26-pulp-2-14-beta pulp[978]: celery.worker:CRITICAL: (978-64480) Traceback (most recent call last): 
 Aug 07 15:19:09 fedora-26-pulp-2-14-beta pulp[978]: celery.worker:CRITICAL: (978-64480)     File "/usr/lib/python2.7/site-packages/celery/worker/worker.py", line 203, in start 
 Aug 07 15:19:09 fedora-26-pulp-2-14-beta pulp[978]: celery.worker:CRITICAL: (978-64480)       self.blueprint.start(self) 
 Aug 07 15:19:09 fedora-26-pulp-2-14-beta pulp[978]: celery.worker:CRITICAL: (978-64480)     File "/usr/lib/python2.7/site-packages/celery/bootsteps.py", line 119, in start 
 Aug 07 15:19:09 fedora-26-pulp-2-14-beta pulp[978]: celery.worker:CRITICAL: (978-64480)       step.start(parent) 
 Aug 07 15:19:09 fedora-26-pulp-2-14-beta pulp[978]: celery.worker:CRITICAL: (978-64480)     File "/usr/lib/python2.7/site-packages/celery/bootsteps.py", line 370, in start 
 Aug 07 15:19:09 fedora-26-pulp-2-14-beta pulp[978]: celery.worker:CRITICAL: (978-64480)       return self.obj.start() 
 Aug 07 15:19:09 fedora-26-pulp-2-14-beta pulp[978]: celery.worker:CRITICAL: (978-64480)     File "/usr/lib/python2.7/site-packages/celery/concurrency/base.py", line 131, in start 
 Aug 07 15:19:09 fedora-26-pulp-2-14-beta pulp[978]: celery.worker:CRITICAL: (978-64480)       self.on_start() 
 Aug 07 15:19:09 fedora-26-pulp-2-14-beta pulp[978]: celery.worker:CRITICAL: (978-64480)     File "/usr/lib/python2.7/site-packages/celery/concurrency/prefork.py", line 112, in on_start 
 Aug 07 15:19:09 fedora-26-pulp-2-14-beta pulp[978]: celery.worker:CRITICAL: (978-64480)       **self.options) 
 Aug 07 15:19:09 fedora-26-pulp-2-14-beta pulp[978]: celery.worker:CRITICAL: (978-64480)     File "/usr/lib64/python2.7/site-packages/billiard/pool.py", line 952, in __init__ 
 Aug 07 15:19:09 fedora-26-pulp-2-14-beta audit[958]: AVC avc:    denied    { getattr } for    pid=958 comm="celery" name="/" dev="tmpfs" ino=10791 scontext=system_u:system_r:celery_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=filesystem permissive=0 
 Aug 07 15:19:09 fedora-26-pulp-2-14-beta pulp[978]: celery.worker:CRITICAL: (978-64480)       self._setup_queues() 
 Aug 07 15:19:09 fedora-26-pulp-2-14-beta pulp[978]: celery.worker:CRITICAL: (978-64480)     File "/usr/lib64/python2.7/site-packages/billiard/pool.py", line 1321, in _setup_queues 
 Aug 07 15:19:09 fedora-26-pulp-2-14-beta pulp[978]: celery.worker:CRITICAL: (978-64480)       self._inqueue = self._ctx.SimpleQueue() 
 Aug 07 15:19:09 fedora-26-pulp-2-14-beta pulp[978]: celery.worker:CRITICAL: (978-64480)     File "/usr/lib64/python2.7/site-packages/billiard/context.py", line 150, in SimpleQueue 
 Aug 07 15:19:09 fedora-26-pulp-2-14-beta pulp[978]: celery.worker:CRITICAL: (978-64480)       return SimpleQueue(ctx=self.get_context()) 
 Aug 07 15:19:09 fedora-26-pulp-2-14-beta pulp[978]: celery.worker:CRITICAL: (978-64480)     File "/usr/lib64/python2.7/site-packages/billiard/queues.py", line 377, in __init__ 
 Aug 07 15:19:09 fedora-26-pulp-2-14-beta pulp[978]: celery.worker:CRITICAL: (978-64480)       self._rlock = ctx.Lock() 
 Aug 07 15:19:09 fedora-26-pulp-2-14-beta pulp[978]: celery.worker:CRITICAL: (978-64480)     File "/usr/lib64/python2.7/site-packages/billiard/context.py", line 105, in Lock 
 Aug 07 15:19:09 fedora-26-pulp-2-14-beta pulp[978]: celery.worker:CRITICAL: (978-64480)       return Lock(ctx=self.get_context()) 
 Aug 07 15:19:09 fedora-26-pulp-2-14-beta pulp[978]: celery.worker:CRITICAL: (978-64480)     File "/usr/lib64/python2.7/site-packages/billiard/synchronize.py", line 182, in __init__ 
 Aug 07 15:19:09 fedora-26-pulp-2-14-beta pulp[978]: celery.worker:CRITICAL: (978-64480)       SemLock.__init__(self, SEMAPHORE, 1, 1, ctx=ctx) 
 Aug 07 15:19:09 fedora-26-pulp-2-14-beta pulp[978]: celery.worker:CRITICAL: (978-64480)     File "/usr/lib64/python2.7/site-packages/billiard/synchronize.py", line 72, in __init__ 
 </pre> 

 ...and on it goes. I'm not sure which messages are important. The important bit is that Pulp is still screwed up after making <code>/etc/pki/pulp/ca.key</code> group-readable. One can try to work around this by disabling SELinux: 

 <pre>setenforce 0 
 echo > /var/log/audit/audit.log 
 semodule -R 
 systemctl restart httpd pulp_{celerybeat,resource_manager,workers} 
 </pre> 

 This does produce a glorious amount of output: 

 <pre>[root@fedora-26-pulp-2-14-beta pulp]# audit2allow -al 


 #============= celery_t ============== 
 allow celery_t self:process execmem; 
 allow celery_t sysfs_t:dir read; 
 allow celery_t tmpfs_t:dir { add_name remove_name write }; 
 allow celery_t tmpfs_t:file { create getattr link open read unlink write }; 
 allow celery_t tmpfs_t:filesystem getattr; 
 [root@fedora-26-pulp-2-14-beta pulp]# audit2allow -Ral 
 could not open interface info [/var/lib/sepolgen/interface_info] 
 [root@fedora-26-pulp-2-14-beta pulp]# cat /var/log/audit/audit.log 

 type=USER_AVC msg=audit(1502136922.763:275): pid=671 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:    received policyload notice (seqno=2)    exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?' 
 type=MAC_POLICY_LOAD msg=audit(1502136922.771:276): policy loaded auid=0 ses=1 
 type=USER_AVC msg=audit(1502136924.854:277): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='avc:    received policyload notice (seqno=2)    exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?' 
 type=SERVICE_STOP msg=audit(1502136925.402:278): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=pulp_celerybeat comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' 
 type=SERVICE_START msg=audit(1502136925.404:279): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=pulp_celerybeat comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' 
 type=AVC msg=audit(1502136925.816:280): avc:    denied    { read } for    pid=2115 comm="celery" name="cpu" dev="sysfs" ino=33 scontext=system_u:system_r:celery_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=dir permissive=1 
 type=SERVICE_STOP msg=audit(1502136926.651:281): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=httpd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' 
 type=SERVICE_START msg=audit(1502136926.702:282): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=httpd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' 
 type=SERVICE_STOP msg=audit(1502136927.385:283): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=pulp_resource_manager comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' 
 type=SERVICE_START msg=audit(1502136927.386:284): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=pulp_resource_manager comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' 
 type=AVC msg=audit(1502136932.568:285): avc:    denied    { getattr } for    pid=2193 comm="celery" name="/" dev="tmpfs" ino=10791 scontext=system_u:system_r:celery_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=filesystem permissive=1 
 type=AVC msg=audit(1502136932.568:286): avc:    denied    { write } for    pid=2193 comm="celery" name="/" dev="tmpfs" ino=10791 scontext=system_u:system_r:celery_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=dir permissive=1 
 type=AVC msg=audit(1502136932.568:287): avc:    denied    { add_name } for    pid=2193 comm="celery" name="vcJczy" scontext=system_u:system_r:celery_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=dir permissive=1 
 type=AVC msg=audit(1502136932.568:288): avc:    denied    { create } for    pid=2193 comm="celery" name="vcJczy" scontext=system_u:system_r:celery_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=file permissive=1 
 type=AVC msg=audit(1502136932.568:289): avc:    denied    { read write open } for    pid=2193 comm="celery" path="/dev/shm/vcJczy" dev="tmpfs" ino=55350 scontext=system_u:system_r:celery_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=file permissive=1 
 type=AVC msg=audit(1502136932.568:290): avc:    denied    { link } for    pid=2193 comm="celery" name="vcJczy" dev="tmpfs" ino=55350 scontext=system_u:system_r:celery_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=file permissive=1 
 type=AVC msg=audit(1502136932.568:291): avc:    denied    { getattr } for    pid=2193 comm="celery" path="/dev/shm/vcJczy" dev="tmpfs" ino=55350 scontext=system_u:system_r:celery_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=file permissive=1 
 type=AVC msg=audit(1502136932.569:292): avc:    denied    { remove_name } for    pid=2193 comm="celery" name="vcJczy" dev="tmpfs" ino=55350 scontext=system_u:system_r:celery_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=dir permissive=1 
 type=AVC msg=audit(1502136932.569:293): avc:    denied    { unlink } for    pid=2193 comm="celery" name="vcJczy" dev="tmpfs" ino=55350 scontext=system_u:system_r:celery_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=file permissive=1 
 type=SERVICE_STOP msg=audit(1502137015.062:294): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=pulp_workers comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed' 
 type=SERVICE_STOP msg=audit(1502137015.094:295): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=pulp_worker-0 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed' 
 type=SERVICE_START msg=audit(1502137015.116:296): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=pulp_worker-0 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' 
 type=SERVICE_START msg=audit(1502137015.124:297): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=pulp_workers comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' 
 type=AVC msg=audit(1502137057.690:298): avc:    denied    { execmem } for    pid=2447 comm="celery" scontext=system_u:system_r:celery_t:s0 tcontext=system_u:system_r:celery_t:s0 tclass=process permissive=1 
 type=USER_START msg=audit(1502137067.949:299): pid=1253 uid=0 auid=0 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=192.168.100.1 addr=192.168.100.1 terminal=ssh res=success' 
 type=CRYPTO_KEY_USER msg=audit(1502137067.950:300): pid=1253 uid=0 auid=0 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a1:7b:07:ac:67:e9:1f:90:0d:bf:ca:4c:71:e4:10:54:f1:78:be:2e:8a:5a:ed:9d:ab:dc:98:b2:85:6a:a6:30 direction=? spid=2481 suid=0    exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success' 
 type=USER_START msg=audit(1502137067.969:301): pid=1253 uid=0 auid=0 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=192.168.100.1 addr=192.168.100.1 terminal=ssh res=success' 
 type=CRYPTO_KEY_USER msg=audit(1502137067.969:302): pid=1253 uid=0 auid=0 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a1:7b:07:ac:67:e9:1f:90:0d:bf:ca:4c:71:e4:10:54:f1:78:be:2e:8a:5a:ed:9d:ab:dc:98:b2:85:6a:a6:30 direction=? spid=2496 suid=0    exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success' 
 type=USER_START msg=audit(1502137067.990:303): pid=1253 uid=0 auid=0 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=192.168.100.1 addr=192.168.100.1 terminal=ssh res=success' 
 type=CRYPTO_KEY_USER msg=audit(1502137067.991:304): pid=1253 uid=0 auid=0 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a1:7b:07:ac:67:e9:1f:90:0d:bf:ca:4c:71:e4:10:54:f1:78:be:2e:8a:5a:ed:9d:ab:dc:98:b2:85:6a:a6:30 direction=? spid=2516 suid=0    exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success' 
 type=USER_END msg=audit(1502137067.998:305): pid=1253 uid=0 auid=0 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=192.168.100.1 addr=192.168.100.1 terminal=ssh res=success' 
 type=USER_START msg=audit(1502137068.006:306): pid=1253 uid=0 auid=0 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=192.168.100.1 addr=192.168.100.1 terminal=ssh res=success' 
 type=CRYPTO_KEY_USER msg=audit(1502137068.006:307): pid=1253 uid=0 auid=0 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a1:7b:07:ac:67:e9:1f:90:0d:bf:ca:4c:71:e4:10:54:f1:78:be:2e:8a:5a:ed:9d:ab:dc:98:b2:85:6a:a6:30 direction=? spid=2525 suid=0    exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success' 
 type=USER_START msg=audit(1502137068.026:308): pid=1253 uid=0 auid=0 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=192.168.100.1 addr=192.168.100.1 terminal=ssh res=success' 
 type=CRYPTO_KEY_USER msg=audit(1502137068.026:309): pid=1253 uid=0 auid=0 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a1:7b:07:ac:67:e9:1f:90:0d:bf:ca:4c:71:e4:10:54:f1:78:be:2e:8a:5a:ed:9d:ab:dc:98:b2:85:6a:a6:30 direction=? spid=2545 suid=0    exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success' 
 type=USER_END msg=audit(1502137068.033:310): pid=1253 uid=0 auid=0 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=192.168.100.1 addr=192.168.100.1 terminal=ssh res=success' 
 type=USER_START msg=audit(1502137068.043:311): pid=1253 uid=0 auid=0 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=192.168.100.1 addr=192.168.100.1 terminal=ssh res=success' 
 type=CRYPTO_KEY_USER msg=audit(1502137068.043:312): pid=1253 uid=0 auid=0 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a1:7b:07:ac:67:e9:1f:90:0d:bf:ca:4c:71:e4:10:54:f1:78:be:2e:8a:5a:ed:9d:ab:dc:98:b2:85:6a:a6:30 direction=? spid=2559 suid=0    exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success' 
 type=SERVICE_STOP msg=audit(1502137069.821:313): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=httpd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' 
 type=SERVICE_START msg=audit(1502137069.859:314): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=httpd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' 
 type=USER_END msg=audit(1502137069.861:315): pid=1253 uid=0 auid=0 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=192.168.100.1 addr=192.168.100.1 terminal=ssh res=success' 
 type=USER_END msg=audit(1502137076.379:316): pid=1253 uid=0 auid=0 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=192.168.100.1 addr=192.168.100.1 terminal=ssh res=success' 
 type=USER_END msg=audit(1502137076.379:317): pid=1253 uid=0 auid=0 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=192.168.100.1 addr=192.168.100.1 terminal=ssh res=success' 
 type=USER_END msg=audit(1502137076.379:318): pid=1253 uid=0 auid=0 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=192.168.100.1 addr=192.168.100.1 terminal=ssh res=success' 
 type=USER_START msg=audit(1502137096.412:319): pid=1253 uid=0 auid=0 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=192.168.100.1 addr=192.168.100.1 terminal=ssh res=success' 
 type=CRYPTO_KEY_USER msg=audit(1502137096.412:320): pid=1253 uid=0 auid=0 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a1:7b:07:ac:67:e9:1f:90:0d:bf:ca:4c:71:e4:10:54:f1:78:be:2e:8a:5a:ed:9d:ab:dc:98:b2:85:6a:a6:30 direction=? spid=2869 suid=0    exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success' 
 type=USER_START msg=audit(1502137096.433:321): pid=1253 uid=0 auid=0 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=192.168.100.1 addr=192.168.100.1 terminal=ssh res=success' 
 type=CRYPTO_KEY_USER msg=audit(1502137096.434:322): pid=1253 uid=0 auid=0 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a1:7b:07:ac:67:e9:1f:90:0d:bf:ca:4c:71:e4:10:54:f1:78:be:2e:8a:5a:ed:9d:ab:dc:98:b2:85:6a:a6:30 direction=? spid=2884 suid=0    exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success' 
 type=USER_START msg=audit(1502137096.458:323): pid=1253 uid=0 auid=0 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=192.168.100.1 addr=192.168.100.1 terminal=ssh res=success' 
 type=CRYPTO_KEY_USER msg=audit(1502137096.459:324): pid=1253 uid=0 auid=0 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a1:7b:07:ac:67:e9:1f:90:0d:bf:ca:4c:71:e4:10:54:f1:78:be:2e:8a:5a:ed:9d:ab:dc:98:b2:85:6a:a6:30 direction=? spid=2904 suid=0    exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success' 
 type=USER_END msg=audit(1502137096.471:325): pid=1253 uid=0 auid=0 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=192.168.100.1 addr=192.168.100.1 terminal=ssh res=success' 
 type=USER_START msg=audit(1502137096.483:326): pid=1253 uid=0 auid=0 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=192.168.100.1 addr=192.168.100.1 terminal=ssh res=success' 
 type=CRYPTO_KEY_USER msg=audit(1502137096.487:327): pid=1253 uid=0 auid=0 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a1:7b:07:ac:67:e9:1f:90:0d:bf:ca:4c:71:e4:10:54:f1:78:be:2e:8a:5a:ed:9d:ab:dc:98:b2:85:6a:a6:30 direction=? spid=2918 suid=0    exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success' 
 type=SERVICE_STOP msg=audit(1502137098.267:328): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=httpd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' 
 type=SERVICE_START msg=audit(1502137098.305:329): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=httpd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' 
 type=USER_END msg=audit(1502137098.307:330): pid=1253 uid=0 auid=0 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=192.168.100.1 addr=192.168.100.1 terminal=ssh res=success' 
 type=USER_END msg=audit(1502137106.448:331): pid=1253 uid=0 auid=0 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=192.168.100.1 addr=192.168.100.1 terminal=ssh res=success' 
 type=USER_END msg=audit(1502137106.448:332): pid=1253 uid=0 auid=0 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=192.168.100.1 addr=192.168.100.1 terminal=ssh res=success' 
 </pre> 

 Unfortunately, many tests still fail: 

 <pre><code>python -m unittest pulp_smash.tests.platform.api_v2.test_login    # success 
 python -m unittest pulp_smash.tests.docker.api_v2.test_sync_publish.V{1,2}RegistryTestCase    # total failure 
 </code></pre>

Back