[Bugs] [Bug 1470040] packaging: Upgrade glusterfs-ganesha sometimes fails to semanage ganesha_use_fusefs

bugzilla at redhat.com bugzilla at redhat.com
Wed Jul 12 11:05:08 UTC 2017


https://bugzilla.redhat.com/show_bug.cgi?id=1470040

Manisha Saini <msaini at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |kkeithle at redhat.com,
                   |                            |msaini at redhat.com
              Flags|                            |needinfo?(kkeithle at redhat.c
                   |                            |om)



--- Comment #2 from Manisha Saini <msaini at redhat.com> ---
(In reply to Kaleb KEITHLEY from comment #1)
> This is what is happening during an update:
> 
> According to the yum logs the system first had
> selinux-policy-targeted-3.13.1-102.el7_3.16. There is no ganesha_use_fusefs
> in this package.
> 
> Then the system was updated to RHEL-7.4. glusterfs-ganesha was updated at
> 18:00:12. Then at 18:00:37 selinux-policy-targeted was updated to
> 3.13.1-166.el7. This has ganesha_use_fusefs.
> 
> ganesha_use_fusefs still wasn't available when glusterfs-ganesha was updated
> so the semanage command (silently) failed.
> 
> rpm only allows a 'Requires: selinux-policy-targeted >= NV'. I.e. NV =
> 3.13.1. It doesn't allow a 'Requires: selinux-policy-targeted >= NVR'. I.e.
> NVR = 3.13.1-166.
> 
> Thus, for the purposes of upgrading, 3.13.1-102.el7_3.16 satisfies the
> Requires: but doesn't have the necessary ganesha_fuse_fusefs for the %post
> to work.
> 
> Of course on a fresh install you will get the correct version of
> selinux-policy-targeted and everything works as expected.
> 
> Off the top of my head the only way to force selinux-policy-targeted to be
> updated before glusterfs-ganesha is to explicitly update it first, before
> applying the rest of the update. IOW this has to be prominently documented
> in the Release Notes.
> 
> --- Additional comment from Lukas Vrabec on 2017-07-12 03:05:29 EDT ---
> 
> Kaleb, 
> 
> There is a trigger , which you can use and do the post phase on the end of
> the RPM transaction. Which means, that you'll have all the new packages
> updated and then you switch on the SELinux boolean on.



Kaleb,

Yum update will pull all the packages all at once,ganesha and selinux packages.
We cannot only update the selinux package first followed by ganesha package.

However after upgrading both selinux and ganesha packages,we can document to
enable this boolean manually before doing gluster nfs-ganesha enable.
I will verify this steps manually too following the upgrade path.

Need your opinion on this...

-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=LsdBuhIk8s&a=cc_unsubscribe


More information about the Bugs mailing list