search

libstorage / libstoragemgmt

A library for storage management
https://libstorage.github.io/libstoragemgmt-doc/
GNU Lesser General Public License v2.1
83 stars 32 forks source link

hpsa plugin fails to list volumes #526

Closed opoplawski closed 1 year ago

opoplawski commented 1 year ago

On an EL8 system with locally build libstoragemgmt 1.9.7:

smcli -u hpsa:// -t ',' lv
LIB_BUG(1): udev_enumerate_scan_devices() failed with -13

verbose lsmd log just has:

Mar 20 15:35:46 lsmd[1948288]: Exec'ing plug-in = /usr/bin/hpsa_lsmplugin
Mar 20 15:35:46 lsmd[1948299]: Plugin /usr/bin/hpsa_lsmplugin is running as root privilege
Smart Storage Administrator CLI 2.65.7.0
# ssacli controller slot=0 array all show

Smart Array P840ar in Slot 0 (Embedded)
   Array A (SAS, Unused Space: 0  MB)
tasleson commented 1 year ago

This is confusing. The error message is occurring in the path of local-disk-list, but your supplied command line is list --type volumes aka. lv which doesn't make sense. If we assume you did a copy/paste error with command and just look at error.

LIB_BUG(1): udev_enumerate_scan_devices() failed with -13 is from:

    udev_rc = udev_enumerate_scan_devices(udev_enum);
    if (udev_rc != 0) {
        rc = LSM_ERR_LIB_BUG;
        _lsm_err_msg_set(err_msg,
                         "udev_enumerate_scan_devices() failed "
                         "with %d",
                         udev_rc);
        goto out;
    }

Which indicates that a -13 returned which would point to Permission denied. As I believe you're running as root, I can only speculate that the reason for this is selinux denial. This would occur because you're running a local build which isn't installed on the system or not installed in such a way that it doesn't have the correct selinux contexts set on the files.

Please run your system in selinux permissive mode and try again eg.

~]# setenforce 0
~]# getenforce
Permissive
# lsmcli -u hpsa:// -t ',' ldl
opoplawski commented 1 year ago

Looks like SELinux was indeed the culprit. Works in permissive mode with the following AVCs:

type=AVC msg=audit(1679409019.187:57253): avc:  denied  { read } for  pid=9860 comm="hpsa_lsmplugin" name="b253:1" dev="tmpfs" ino=15848 scontext=system_u:system_r:lsmd_plugin_t:s0 tcontext=system_u:object_r:udev_var_run_t:s0 tclass=file permissive=1
type=AVC msg=audit(1679409019.187:57253): avc:  denied  { open } for  pid=9860 comm="hpsa_lsmplugin" path="/run/udev/data/b253:1" dev="tmpfs" ino=15848 scontext=system_u:system_r:lsmd_plugin_t:s0 tcontext=system_u:object_r:udev_var_run_t:s0 tclass=file permissive=1
type=AVC msg=audit(1679409019.187:57254): avc:  denied  { getattr } for  pid=9860 comm="hpsa_lsmplugin" path="/run/udev/data/b253:1" dev="tmpfs" ino=15848 scontext=system_u:system_r:lsmd_plugin_t:s0 tcontext=system_u:object_r:udev_var_run_t:s0 tclass=file permissive=1

I think the contexts are correct and likely just an issue with the selinux policy in RHEL8. I'll file a bug there.

Thanks for the help.