Re: [Users] engine-cleanup and then engine-setup - Failed to enable SELinux boolean

Itamar Heim Tue, 04 Sep 2012 00:53:00 -0700

On 09/03/2012 08:56 PM, Mohsen Saeedi wrote:

Another failure occur when handling HTTPD
Handling HTTPD...                                               [ ERROR ]
Failed to enable SELinux boolean


I found the related line in log:
2012-09-03 22:18:23::DEBUG::setup_sequences::59::root:: running
_configureSelinuxBoolean
2012-09-03 22:18:23::DEBUG::engine-setup::672::root:: Enable
httpd_can_network_connect boolean
2012-09-03 22:18:23::DEBUG::common_utils::309::root:: Executing command
--> '/usr/sbin/setsebool -P httpd_can_network_connect 1'
2012-09-03 22:18:44::DEBUG::common_utils::335::root:: output =
2012-09-03 22:18:44::DEBUG::common_utils::336::root:: stderr =
libsepol.sepol_context_from_string: malformed context "(/.*)?" (Invalid
argument).
libsepol.sepol_context_from_string: could not construct context from
string (Invalid argument).
libsemanage.fcontext_parse: invalid security context "(/.*)?"
(/etc/selinux/targeted/modules/tmp//file_contexts.local: 6)
/virt/iso    (/.*)?    system_u:object_r:public_content_rw_t:s0 (Invalid
argument).
libsemanage.fcontext_parse: could not parse file context record (Invalid
argument).
libsemanage.dbase_file_cache: could not cache file database (Invalid
argument).
libsemanage.enter_ro: could not enter read-only section (Invalid argument).
Could not change policy booleans

2012-09-03 22:18:44::DEBUG::common_utils::337::root:: retcode = 255
2012-09-03 22:18:44::DEBUG::setup_sequences::62::root:: Traceback (most
recent call last):
   File "/usr/share/ovirt-engine/scripts/setup_sequences.py", line 60,
in run
     function()
   File "/usr/bin/engine-setup", line 674, in _configureSelinuxBoolean
     out, rc = utils.execCmd(cmd, None, True,
output_messages.ERR_FAILED_UPDATING_SELINUX_BOOLEAN)
   File "/usr/share/ovirt-engine/scripts/common_utils.py", line 340, in
execCmd
     raise Exception(msg)
Exception: Failed to enable SELinux boolean

Any help? is it a bug?


/*Tim Hildred <thild...@redhat.com>*/ wrote on Sun, 2 Sep 2012 19:30:39
-0400 (EDT):

Hey Mohsen;

Did you check /etc/sysconfig/selinux to ensure that "SELINUX=enforcing"?

If you set it with setenforce, it would have reverted to whatever is in that 
file on any reboots.

At least that was my problem when I got that error.

Tim Hildred, RHCE
Content Author II - Engineering Content Services, Red Hat, Inc.
Brisbane, Australia
Email:thild...@redhat.com
Internal: 8588287
Mobile: +61 4 666 25242
IRC: thildred

----- Original Message -----

From: "Mohsen Saeedi"<mohsen.sae...@gmail.com>
To:users@ovirt.org
Sent: Monday, September 3, 2012 6:59:47 AM
Subject: [Users] engine-cleanup and then engine-setup - Failed to enable        
SELinux boolean

Hi
i'm usign Ovirt 3.1 on the Centos 6.3 x64.
I use engine-cleanup and then use engine-setup again. everything was
ok but i got the SELinux error at the end of configuration:

Proceed with the configuration listed above? (yes|no): yes

Installing:
AIO: Validating CPU Compatibility... [ DONE ]
Configuring oVirt-engine... [ DONE ]
Creating CA... [ DONE ]
Editing JBoss Configuration... [ DONE ]
Setting Database Configuration... [ DONE ]
Setting Database Security... [ DONE ]
Creating Database... [ DONE ]
Updating the Default Data Center Storage Type... [ DONE ]
Editing oVirt Engine Configuration... [ DONE ]
Editing Postgresql Configuration... [ DONE ]
Configuring the Default ISO Domain... [ DONE ]
Configuring Firewall (iptables)... [ DONE ]
Starting JBoss Service... [ DONE ]
Handling HTTPD... [ ERROR ]
Failed to enable SELinux boolean
Please check log file
/var/log/ovirt-engine/engine-setup_2012_09_03_01_17_41.log for more
information

I Attached the log file.

_______________________________________________
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users



_______________________________________________
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


the last patch i see touching selinux (not sure if made ovirt 3.1) is:

commit bab7eadb8dc239c451142ec7130e19f1d13781de
Author: Ofer Schreiber <oschr...@redhat.com>
Date:   Sun Jun 24 10:38:03 2012 +0300

    packaging: engine-setup - Use semange instead of setsebool

    engine-setup should use semanage commands insteam of setsebool, since
    setsebool works only when selinux is enabled.

    Change-Id: Ia7cd17036c503c7765887bb7bf26b131c727f0df
    Signed-off-by: Ofer Schreiber <oschr...@redhat.com>


_______________________________________________
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [Users] engine-cleanup and then engine-setup - Failed to enable SELinux boolean

Reply via email to