[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: update to enterprise



+++ Julien Garet [28/11/12 16:01 +0100]:
----- Mail original -----

De: "Brenton Leanhardt" <bleanhar redhat com>
À: "Julien Garet" <julien garet inria fr>
Cc: dev lists openshift redhat com
Envoyé: Mercredi 28 Novembre 2012 15:54:28
Objet: Re: update to enterprise

+++ Julien Garet [28/11/12 15:51 +0100]:
>----- Mail original -----
>
>> De: "Brenton Leanhardt" <bleanhar redhat com>
>> À: "Julien Garet" <julien garet inria fr>
>> Cc: dev lists openshift redhat com
>> Envoyé: Mercredi 28 Novembre 2012 15:48:07
>> Objet: Re: update to enterprise
>
>[...]
>
>> >> >
>> >> >Initialized empty Git repository in
>> >> >/var/lib/openshift/3ebe7f53e43b418fbafa88deb35ee243/git/trackstest.git/
>> >> >/var/lib/openshift/3ebe7f53e43b418fbafa88deb35ee243/git/trackstest.git
>> >> >/tmp
>> >> >/tmp
>> >> >runcon: invalid context:
>> >> >system_u:system_r:openshift_t:s0:c0,c500:
>> >> >Invalid argument
>> >> >Failed to start ruby-1.8
>> >> >
>> >> >So, it seems selinux is mandatory, but when I try to configure
>> >> >it
>> >> >(https://openshift.redhat.com/community/wiki/build-your-own#Configuring_SELinux_2),
>> >> >i get :
>> >> >
>> >> >setsebool -P httpd_unified=on httpd_can_network_connect=on
>> >> >httpd_can_network_relay=on httpd_read_user_content=on
>> >> >httpd_enable_homedirs=on httpd_run_stickshift=on
>> >> >allow_polyinstantiation=on
>> >> >libsemanage.dbase_llist_set: record not found in the database
>> >> >(No
>> >> >such file or directory).
>> >> >libsemanage.dbase_llist_set: could not set record value (No
>> >> >such
>> >> >file or directory).
>> >> >Could not change boolean httpd_run_stickshift
>> >> >Could not change policy booleans
>> >> >
>> >> >Is there another package I forgot to install ? I am not used
>> >> >to
>> >> >selinux.
>> >
>> >> What version of the selinux-policy package do you have
>> >> installed?
>> >
>> >> You want to have the following:
>> >
>> >> https://mirror.openshift.com/pub/origin-server/nightly/enterprise/2012-11-15/Node/x86_64/os/Packages/selinux-policy-3.7.19-155.el6_3.8.noarch.rpm
>> >> https://mirror.openshift.com/pub/origin-server/nightly/enterprise/2012-11-15/Node/x86_64/os/Packages/selinux-policy-targeted-3.7.19-155.el6_3.8.noarch.rpm
>> >I have installed these versions. Something I did not tell, and
>> >that
>> >might be important, is that I am running CentOS 6.3. So I already
>> >had this package version from CentOS Update, I replaced the
>> >packages with the one from the openshift repo (not sure if they
>> >are
>> >different or not).
>> >
>> >I've passed every setsebool in a single command, all went well
>> >but
>> >this one :
>> >
>> >[root node1 ~]# setsebool -P httpd_run_stickshift=on
>> >libsemanage.dbase_llist_set: record not found in the database
>> >libsemanage.dbase_llist_set: could not set record value
>> >Could not change boolean httpd_run_stickshift
>> >Could not change policy booleans
>
>> That's interesting. I'm personally not too familiar with OpenShift
>> on
>> CentOS but I'm sure we can make it work.
>
>> What does 'semodule -l | grep apache' return for you?
>[root node1 ~]# semodule -l | grep apache
>apache 2.1.2

And I'm guessing 'getsebool -a | grep stickshift' doesn't return
anything for you, correct?
You guess right.

Another sanity check, does "rpm -qV selinux-policy-targeted" show that
there have been any local changes?

I would suggest "yum reinstall selinux-policy-targeted" next.


>
>> >
>> >The versions of selinux I currently have are :
>> >
>> >[root node1 ~]# rpm -qa | grep selinux
>> >libselinux-utils-2.0.94-5.3.el6.x86_64
>> >libselinux-2.0.94-5.3.el6.x86_64
>> >selinux-policy-targeted-3.7.19-155.el6_3.8.noarch
>> >libselinux-python-2.0.94-5.3.el6.x86_64
>> >libselinux-ruby-2.0.94-5.3.el6.x86_64
>> >libselinux-devel-2.0.94-5.3.el6.x86_64
>> >selinux-policy-3.7.19-155.el6_3.8.noarch
>> >
>> >Julien
>> >
>> >> --Brenton
>[...]


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]