Could not deactivate host on PuppetDB: Failed to open TCP connection to localhost:8080

Problem:
I would like to redeploy a host migrated from an old setup

Expected outcome:
The host will be deleted and redeployed

Foreman and Proxy versions:
1.24.2

Foreman and Proxy plugin versions:

Distribution and version:
CentOS Linux release 7.8.2003

Other relevant data:
Failed to enable xxx for installation: ["Could not deactivate host on PuppetDB: Failed to open TCP connection to localhost:8080 (Permission denied - connect(2) for \"localhost\" port 8080)"]

But I can access the port via telnet

root@puppetmaster:/var/log/foreman# telnet localhost 8080
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
^]
telnet> quit
Connection closed.

I try port 8081 but the same behavior. Telnet works but foreman can not access the port.

proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:8008          0.0.0.0:*               LISTEN      3403/ruby
tcp        0      0 127.0.0.1:40523         0.0.0.0:*               LISTEN      24664/Passenger Rac
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1091/sshd
tcp        0      0 127.0.0.1:5432          0.0.0.0:*               LISTEN      13586/postmaster
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      1867/master
tcp6       0      0 :::8140                 :::*                    LISTEN      1159/java
tcp6       0      0 127.0.0.1:8080          :::*                    LISTEN      2743/java
tcp6       0      0 :::80                   :::*                    LISTEN      1094/httpd
tcp6       0      0 :::8081                 :::*                    LISTEN      2743/java
tcp6       0      0 :::22                   :::*                    LISTEN      1091/sshd
tcp6       0      0 ::1:5432                :::*                    LISTEN      13586/postmaster
tcp6       0      0 ::1:25                  :::*                    LISTEN      1867/master
tcp6       0      0 :::8443                 :::*                    LISTEN      1092/ruby
tcp6       0      0 :::443                  :::*                    LISTEN      1094/httpd

Perhaps there is SELinux denial preventing the connection?

You saved my day :slight_smile: I hate this f**ing “security” module. In normal case I use Debian and this is not a default package.

You can also disable SELinux or run in permissive mode if you’d like on centos, but it does provide a useful layer of security when configured properly.