[Bug]Puppet throwing selinux errors in /var/log/messages
Environment
- Red Hat Satellite 6.x
Issue
- Puppet throwing selinux errors in
/var/log/messages. - When running
puppet agent --teston a client there will be HTTP error:
<title>500 Internal Server Error</title>
</head><body>
<h1>Internal Server Error</h1>
-In journalctl SYSLOG_IDENTIFIER=puppet-master you can see the selinux errors:
Jul 27 13:10:00 puppet-master[2671]: /etc/selinux/targeted/contexts/files/file_contexts: invalid context system_u:object_r:puppet_var_lib_t:s0
Jul 27 13:10:01 puppet-master[2671]: failed to set mode 644 on /var/log/puppet/masterhttp.log: Permission denied - /var/log/puppet/masterhttp.log
Jul 27 13:10:01 puppet-master[2671]: (/File[/var/log/puppet/masterhttp.log]/mode) change from 0644 to 0660 failed: failed to set mode 644 on /var/log/puppet/masterhttp.log: Permission denied - /var/log/puppet/masterhttp.
Jul 27 13:10:01 puppet-master[2671]: Could not prepare for execution: Got 1 failure(s) while initializing: File[/var/log/puppet/masterhttp.log]: change from 0644 to 0660 failed: failed to set mode 644 on /var/log/puppet/
Resolution
- There is a Bug filed foe Puppet throwing selinux errors in /var/log/messages.
- Workaround for now is to disable the selinux for
puppet agent.
# semanage permissive -a puppetagent_t
- Please open a Support ticket to get further updates on BUgzilla.
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
Comments