luna-nightly-rpm-pipeline 354 failed

jenkins · April 20, 2022, 7:16am

Luna nightly pipeline failed:

https://ci.theforeman.org/job/luna-nightly-rpm-pipeline/354/

foreman-pipeline-luna-nightly-centos7-install (passed) (remote job)
foreman-pipeline-luna-nightly-almalinux8-install (passed) (remote job)
foreman-pipeline-luna-nightly-centos8-stream-install (passed) (remote job)
foreman-pipeline-luna-nightly-almalinux8-upgrade (failed) (remote job)
foreman-pipeline-luna-nightly-centos8-stream-upgrade (failed) (remote job)
foreman-pipeline-luna-nightly-centos7-upgrade (passed) (remote job)

evgeni · April 20, 2022, 7:40am

For some reason, the upgraded EL8 setups have SELinux denials when trying to import things from git:

type=AVC msg=audit(1650434823.261:6335): avc:  denied  { map } for  pid=120118 comm="git" path="/tmp/d20220420-118661-13kpjop/.git/config" dev="vda1" ino=84079112 scontext=system_u:system_r:foreman_rails_t:s0 tcontext=system_u:object_r:tmp_t:s0 tclass=file permissive=0

We fixed that in Fixes #34726 - Make git template sync work on EL8 by adamruzicka · Pull Request #134 · theforeman/foreman-selinux · GitHub and it was working in previous Luna runs (and is also still working on the non-upgraded one!).

However, yesterday we merged Fixes #34730 - Drop docker/container integration by ekohl · Pull Request #138 · theforeman/foreman-selinux · GitHub which might have triggered a bad upgrade?

evgeni · April 20, 2022, 7:49am

Yeah, looking at the dnf.rpm.log in the sosreport:

  2022-04-20T04:51:08+0000 SUBDEBUG Upgrade: foreman-selinux-3.3.0-0.1.develop.20220419072414git2577699.el8.noarch
  2022-04-20T04:51:45+0000 INFO libsepol.context_from_record: type foreman_container_port_t is not defined (No such file or directory).
  libsepol.context_from_record: could not create context structure (Invalid argument).
  libsepol.port_from_record: could not create port structure for range 2375:2375 (tcp) (Invalid argument).
  libsepol.sepol_port_modify: could not load port range 2375 - 2375 (tcp) (Invalid argument).
  libsemanage.dbase_policydb_modify: could not modify record value (Invalid argument).
  libsemanage.semanage_base_merge_components: could not merge local modifications into policy (Invalid argument).
  OSError: [Errno 22] Invalid argument

system · April 27, 2022, 7:50am

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.