[Train][CentOS7] Packstack deployment fails while starting httpd with SELINUX enabled
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Packstack |
Triaged
|
High
|
Unassigned |
Bug Description
Packstack Deployment on CentOS7 with selinux enabled fails with:-
PuppetError: Error appeared during Puppet run: 192.168.
Error: Systemd start for httpd failed!
httpd service logs stats:-
(13)Permission denied: AH00072: make_sock: could not bind to address 0.0.0.0:8774
httpd[1569]: no listening sockets available, shutting down
AVC denied audit log:-
type=AVC msg=audit(
httpd is allowed to bind to any port in openstack-selinux https:/
Applying recent os-podman.te in C7 fails with:-
# semodule -i /usr/share/
Failed to resolve typeattributeset statement at /etc/selinux/
semodule: Failed!
This is likely caused by old container-selinux package in CentOS7 and unavailable commit https:/
# rpm -q container-selinux
container-
Example log:-
https:/
https:/
https:/
https:/
Will check with authors on how to clear this issue.
Changed in packstack: | |
status: | New → Triaged |
importance: | Undecided → High |
description: | updated |
Proposed https:/ /review. rdoproject. org/r/c/ rdo-infra/ weirdo/ +/33168 to switch selinux to permissive, it's already in permissive for centos7 job, all upstream jobs(except packstack on C7) were running with selinux permissive, with this patch that too does the same, maintaining selinux just for this case is not much worth.