Issue #1648 has been updated by seanmil. Status changed from Accepted to Ready for Checkin
Ah, okay, it wasn't clear to me that this was recurring on every run and I didn't notice that all the files were symlinks. I also discovered this issue yesterday and already have the fix and updated tests for it ready, they just need to get pushed. I agree that chcon -h is the correct fix. Thanks for reporting it. commit 195f7f3902937c5a502c72988daca63d91e0ea0d now pushed to my 0.24.x/selinux-fixes branch at git://github.com/seanmil/puppet.git I am also sending it to puppet-dev for review. Thanks again! ---------------------------------------- Bug #1648: 0.24.6RC1 setting selinux permissions even when disabled http://projects.reductivelabs.com/issues/show/1648 Author: jenza Status: Ready for Checkin Priority: Normal Assigned to: seanmil Category: Red Hat Target version: 0.24.6 Complexity: Unknown Affected version: Keywords: Centos 5.1 2.6.18-92.el5 #1 SMP Tue Jun 10 18:51:06 EDT 2008 x86_64 x86_64 x86_64 GNU/Linux. Selinux running in permissive mode on both client/server Upgraded client and server from 0.24.5 to 0.24.6RC1 and the following behavior started. <pre>[EMAIL PROTECTED] plugins]# puppetd --test --no-noop notice: Ignoring --listen on onetime run info: Caching catalog at /var/lib/puppet/state/localconfig.yaml notice: Starting catalog run notice: //Node[obu-repos]/munin::client/munin::client::base/munin::plugins::base/munin::plugins::linux/munin::plugins::interfaces/Munin::Plugin[if_eth0]/File[/etc/munin/plugins/if_eth0]/seluser: seluser changed 'user_u' to 'system_u' info: //Node[obu-repos]/munin::client/munin::client::base/munin::plugins::base/munin::plugins::linux/munin::plugins::interfaces/Munin::Plugin[if_eth0]/File[/etc/munin/plugins/if_eth0]: Scheduling refresh of Service[munin-node] notice: //Node[obu-repos]/munin::client/munin::client::base/munin::plugins::base/munin::plugins::linux/Munin::Plugin[interrupts]/File[/etc/munin/plugins/interrupts]/seluser: seluser changed 'user_u' to 'system_u' info: //Node[obu-repos]/munin::client/munin::client::base/munin::plugins::base/munin::plugins::linux/Munin::Plugin[interrupts]/File[/etc/munin/plugins/interrupts]: Scheduling refresh of Service[munin-node] notice: //Node[obu-repos]/munin::client/munin::client::base/munin::plugins::base/munin::plugins::linux/Munin::Plugin[netstat]/File[/etc/munin/plugins/netstat]/seluser: seluser changed 'user_u' to 'system_u' info: //Node[obu-repos]/munin::client/munin::client::base/munin::plugins::base/munin::plugins::linux/Munin::Plugin[netstat]/File[/etc/munin/plugins/netstat]: Scheduling refresh of Service[munin-node] notice: //Node[obu-repos]/munin::client/munin::client::base/munin::plugins::base/munin::plugins::linux/Munin::Plugin[acpi]/File[/etc/munin/plugins/acpi]/seluser: seluser changed 'user_u' to 'system_u' info: //Node[obu-repos]/munin::client/munin::client::base/munin::plugins::base/munin::plugins::linux/Munin::Plugin[acpi]/File[/etc/munin/plugins/acpi]: Scheduling refresh of Service[munin-node] notice: //Node[obu-repos]/munin::client/munin::client::base/munin::plugins::base/munin::plugins::linux/Munin::Plugin[df_abs]/File[/etc/munin/plugins/df_abs]/seluser: seluser changed 'user_u' to 'system_u' info: //Node[obu-repos]/munin::client/munin::client::base/munin::plugins::base/munin::plugins::linux/Munin::Plugin[df_abs]/File[/etc/munin/plugins/df_abs]: Scheduling refresh of Service[munin-node] </pre> If I downgrade to puppet-0.24.5-1.el5 puppet runs fine with no changes while still using the 0.24.6RC1 server. <pre> [EMAIL PROTECTED] plugins]# puppetd --test --no-noop notice: Ignoring --listen on onetime run info: Caching catalog at /var/lib/puppet/state/localconfig.yaml notice: Starting catalog run info: Sent transaction report in 1.35 seconds notice: Finished catalog run in 5.54 seconds </pre> /etc/munin/plugins 0.26RC1 Client <pre> lrwxrwxrwx 1 user_u:object_r:etc_t root root 25 Oct 7 14:59 acpi -> /usr/share/munin/plugins/ lrwxrwxrwx 1 user_u:object_r:etc_t root root 28 Oct 7 14:58 cpu -> /usr/share/munin/plugins/cpu lrwxrwxrwx 1 user_u:object_r:etc_t root root 27 Oct 7 14:58 df -> /usr/share/munin/plugins/df lrwxrwxrwx 1 user_u:object_r:etc_t root root 31 Oct 7 14:59 df_abs -> /usr/share/munin/plugins/df_abs lrwxrwxrwx 1 user_u:object_r:etc_t root root 33 Oct 7 14:58 df_inode -> /usr/share/munin/plugins/df_inode </pre> 0.25 Client <pre>lrwxrwxrwx 1 root:object_r:etc_t root root 25 Sep 29 13:37 acpi -> /usr/share/munin/plugins/ lrwxrwxrwx 1 root:object_r:etc_t root root 28 Sep 29 13:37 cpu -> /usr/share/munin/plugins/cpu lrwxrwxrwx 1 root:object_r:etc_t root root 27 Sep 29 13:37 df -> /usr/share/munin/plugins/df lrwxrwxrwx 1 root:object_r:etc_t root root 31 Sep 29 13:37 df_abs -> /usr/share/munin/plugins/df_abs lrwxrwxrwx 1 root:object_r:etc_t root root 33 Sep 29 13:37 df_inode -> /usr/share/munin/plugins/df_inode </pre> ---------------------------------------- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://reductivelabs.com/redmine/my/account --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en -~----------~----~----~----~------~----~------~--~---
