I’m trying to install foreman with katello, but failing miserable, it’s my first time trying it, fresh install. I’m looking for help to sort out what’s going wrong. Problem: when i run foreman-installer, I’m getting error: [ERROR ] [configure] /Stage[main]/Candlepin::Artemis/Selboolean[candlepin_can_bind_activemq_port
]: Could not evaluate: Execution of ‘/usr/sbin/getsebool candlepin_can_bind_activemq_port’ returned 255: Error getting active value for candlepin_can_bind_activemq_port
Expected outcome: Running foreman-installer works without an error, install foreman
Foreman and Proxy versions: foreman-proxy-3.5.1-1.el8.noarch
Foreman and Proxy plugin versions: foreman-3.5.1-1.el8.noarch foreman-proxy-3.5.1-1.el8.noarch katello-4.7.0-1.el8.noarch
Distribution and version: foreman 3.5
Other relevant data:
full log:
2023-01-21 20:24:40 [ERROR ] [configure] /Stage[main]/Candlepin::Artemis/Selboolean[candlepin_can_bind_activemq_port]: Could not evaluate: Execution of ‘/usr/sbin/getsebool candlepin_can_bind_activemq_port’ returned 255: Error getting active value for candlepin_can_bind_activemq_port
2023-01-21 20:24:41 [NOTICE] [configure] 750 configuration steps out of 1390 steps complete.
2023-01-21 20:24:42 [NOTICE] [configure] 1000 configuration steps out of 1394 steps complete.
2023-01-21 20:26:16 [NOTICE] [configure] 1250 configuration steps out of 1394 steps complete.
2023-01-21 20:27:49 [ERROR ] [configure] Could not find a suitable provider for keystore
2023-01-21 20:27:49 [ERROR ] [configure] Could not find a suitable provider for truststore
2023-01-21 20:27:49 [ERROR ] [configure] Could not find a suitable provider for truststore_certificate
2023-01-21 20:27:49 [ERROR ] [configure] Could not find a suitable provider for keystore_certificate
2023-01-21 20:27:54 [NOTICE] [configure] System configuration has finished.
There were errors detected during install.
Please address the errors and re-run the installer to ensure the system is properly configured.
Failing to do so is likely to result in broken functionality.
The full log is at /var/log/foreman-installer/katello.log
Although i don’t have selinux enabled this started happening to us.
I though it was caused by a openjdk update (from 1.8.0.362 to 1.8.0.372) but downgrading did not work.
I even tried to update to foreman 3.5.2 / katello 4.7.5 and then foreman 3.6.1 / katello 4.8.0 but neither worked.
(I was only able to “complete” the upgrade running foreman-rake db:migrate)
If you have selinux disabled, then that’s your problem. It must be enabled. If it’s disabled then it will fail because the installer cannot set labels.
Ups, I had Selinux disabled since the time this machine was a CentOS7 but it was upgraded several versions ago using leapp, and I never noticed any issues. There’s always a first time
Anyway, I re-enabled Selinux and I still get the same error.
I tested with both enforcing and permissive and even reinstalled (foreman|katello|pulpcore|candlepin)-selinux packages to ensure the policies were applied.
Yes, the entire filesystem was relabeled several times…
My output does not include any command to test.
foreman-installer
[PRD root@updates ~ - 12:08:39][0][0]# foreman-installer
2023-05-16 12:08:53 [WARN ] [boot] [“Unsetting environment variable ‘http_proxy’ for the duration of the install.”]
2023-05-16 12:08:53 [WARN ] [boot] [“Unsetting environment variable ‘https_proxy’ for the duration of the install.”]
2023-05-16 12:08:53 [WARN ] [boot] [“Unsetting environment variable ‘HTTP_PROXY’ for the duration of the install.”]
2023-05-16 12:08:53 [WARN ] [boot] [“Unsetting environment variable ‘HTTPS_PROXY’ for the duration of the install.”]
2023-05-16 12:08:56 [NOTICE] [root] Loading installer configuration. This will take some time.
2023-05-16 12:09:01 [NOTICE] [root] Running installer with log based terminal output at level NOTICE.
2023-05-16 12:09:01 [NOTICE] [root] Use -l to set the terminal output log level to ERROR, WARN, NOTICE, INFO, or DEBUG. See --full-help for definitions.
2023-05-16 12:09:11 [NOTICE] [configure] Starting system configuration.
2023-05-16 12:09:26 [NOTICE] [configure] 250 configuration steps out of 1801 steps complete.
2023-05-16 12:09:30 [NOTICE] [configure] 500 configuration steps out of 1801 steps complete.
2023-05-16 12:09:31 [NOTICE] [configure] 750 configuration steps out of 1806 steps complete.
2023-05-16 12:09:31 [NOTICE] [configure] 1000 configuration steps out of 1813 steps complete.
2023-05-16 12:09:33 [NOTICE] [configure] 1250 configuration steps out of 1820 steps complete.
2023-05-16 12:09:33 [NOTICE] [configure] 1500 configuration steps out of 1820 steps complete.
2023-05-16 12:09:43 [NOTICE] [configure] 1750 configuration steps out of 1820 steps complete.
2023-05-16 12:10:02 [ERROR ] [configure] Could not find a suitable provider for keystore
2023-05-16 12:10:02 [ERROR ] [configure] Could not find a suitable provider for truststore
2023-05-16 12:10:02 [ERROR ] [configure] Could not find a suitable provider for truststore_certificate
2023-05-16 12:10:02 [ERROR ] [configure] Could not find a suitable provider for keystore_certificate
2023-05-16 12:10:05 [NOTICE] [configure] System configuration has finished.
There were errors detected during install.
Please address the errors and re-run the installer to ensure the system is properly configured.
Failing to do so is likely to result in broken functionality.
The full log is at /var/log/foreman-installer/katello.log
katello.log (partial)
(…)
2023-05-16 12:10:02 [DEBUG ] [configure] Class[Puppet::Agent]: Starting to evaluate the resource (1813 of 1820)
2023-05-16 12:10:02 [DEBUG ] [configure] Class[Puppet::Agent]: Resource is being skipped, unscheduling all events
2023-05-16 12:10:02 [DEBUG ] [configure] Class[Puppet::Agent]: Evaluated in 0.00 seconds
2023-05-16 12:10:02 [DEBUG ] [configure] Class[Puppet]: Starting to evaluate the resource (1814 of 1820)
2023-05-16 12:10:02 [DEBUG ] [configure] Class[Puppet]: Resource is being skipped, unscheduling all events
2023-05-16 12:10:02 [DEBUG ] [configure] Class[Puppet]: Evaluated in 0.00 seconds
2023-05-16 12:10:02 [DEBUG ] [configure] Stage[main]: Starting to evaluate the resource (1815 of 1820)
2023-05-16 12:10:02 [DEBUG ] [configure] Stage[main]: Resource is being skipped, unscheduling all events
2023-05-16 12:10:02 [DEBUG ] [configure] Stage[main]: Unscheduling all events on Stage[main]
2023-05-16 12:10:02 [DEBUG ] [configure] Stage[main]: Evaluated in 0.00 seconds
2023-05-16 12:10:02 [ERROR ] [configure] Could not find a suitable provider for keystore
2023-05-16 12:10:02 [ERROR ] [configure] Could not find a suitable provider for truststore
2023-05-16 12:10:02 [ERROR ] [configure] Could not find a suitable provider for truststore_certificate
2023-05-16 12:10:02 [ERROR ] [configure] Could not find a suitable provider for keystore_certificate
2023-05-16 12:10:02 [DEBUG ] [configure] Finishing transaction 140940
2023-05-16 12:10:02 [DEBUG ] [configure] Storing state
2023-05-16 12:10:02 [DEBUG ] [configure] Pruned old state cache entries in 0.00 seconds
2023-05-16 12:10:02 [DEBUG ] [configure] Stored state in 0.05 seconds
2023-05-16 12:10:02 [INFO ] [configure] Applied catalog in 40.94 seconds
2023-05-16 12:10:02 [DEBUG ] [configure] Applying settings catalog for sections main, reporting, metrics
(…)
Because it’s a different problem. You don’t have a selinux error. You have
which is a different issue from the original one. Those missing types should be in /usr/share/foreman-installer/modules/certs/lib/puppet/type/, installed with the foreman-installer rpm. I don’t know why it’s not finding them, but I suppose you should open a new topic for this…
Thank you again for your feedback.
So, with selinux out of the table and I finally had some time to debug this issue and found out that for some reason for error I was getting it was because keytool was not on the PATH.
For some reason the update-alternatives did not created the symbolic link for it.
After forcing it to recreate the symbolic links the problem disappeared.