I upgraded my katello server to 3.16. Then I upgraded the smart proxy following the 3.16 docs. However, foreman-installer failed because it could start httpd. Reason: httpd wants to listen to port 5000 and it’s blocked by selinux.
It finished successfully after I have switched to permissive mode. httpd is listening to port 5000, though.
Is the smart proxy supposed to listen to port 5000 (i.e. selinux config is broken) or is that an error?
A short term workaround would be yum install crane-selinux but obviously that’s not a real fix. Do you have more specific logs? I’m mostly interested in why it logs that it will install, but then doesn’t really.
There is an error message shortly before the ensuring message in the foreman-installer/foreman-proxy-content log.
[DEBUG 2020-08-12T14:53:48 main] Executing: foreman-maintain packages is-locked --assumeyes
[DEBUG 2020-08-12T14:53:50 main] Packages are not locked
[ERROR 2020-08-12T14:53:50 main] foreman-maintain packages is-locked --assumeyes failed! Check the output for error!
[DEBUG 2020-08-12T14:53:50 main] Hook /usr/share/foreman-installer/katello/hooks/pre_commit/09-version_locking.rb returned nil
[DEBUG 2020-08-12T14:53:51 main] Hook /usr/share/foreman-installer/katello/hooks/pre_commit/13-hiera.rb returned nil
[DEBUG 2020-08-12T14:53:51 main] Hook /usr/share/foreman-installer/katello/hooks/pre_commit/14-cdn_setting.rb returned nil
[ INFO 2020-08-12T14:53:51 main] All hooks in group pre_commit finished
[ INFO 2020-08-12T14:53:51 main] Executing hooks in group pre
[DEBUG 2020-08-12T14:53:51 main] Hook /usr/share/foreman-installer/hooks/pre/10-reset_foreman_db.rb returned nil
[DEBUG 2020-08-12T14:53:51 main] Hook /usr/share/foreman-installer/hooks/pre/20-check-hammer-credentials.rb returned nil
[DEBUG 2020-08-12T14:53:51 main] Hook /usr/share/foreman-installer/hooks/pre/25-remove_apache_from_foreman_group.rb returned true
[DEBUG 2020-08-12T14:53:51 main] Hook /usr/share/foreman-installer/hooks/pre/30-el7_upgrade_postgresql.rb returned nil
[DEBUG 2020-08-12T14:53:51 main] Hook /usr/share/foreman-installer/hooks/pre/31-puppet_agent_oauth.rb returned nil
[ INFO 2020-08-12T14:53:51 main] Ensuring crane-selinux to package state installed
I don’t see any other message regarding crane-selinux in any other log.
As mentioned above, I have installed the package crane-selinux. But this problem only happened on the content proxy, not on the main foreman/katello server.