search

openstack-k8s-operators / edpm-ansible

External Dataplane Management Ansible Playbooks
https://openstack-k8s-operators.github.io/edpm-ansible/
Apache License 2.0
9 stars 65 forks source link

Stop edpm_telemetry selinux relabelling the system dbus socket #625

Closed olliewalsh closed 5 months ago

olliewalsh commented 5 months ago

This will break the host.

E.g systemd-hostnamed fails with type=AVC msg=audit([1713190908](tel:1713190908).762:30498): avc: denied { write } for pid=116232 comm="systemd-hostnam" name="system_bus_socket" dev="tmpfs" ino=459 scontext=system_u:system_r:systemd_hostnamed_t:s0 tcontext=system_u:object_r:container_file_t:s0 tclass=sock_file permissive=0

openshift-ci[bot] commented 5 months ago

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: olliewalsh

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files: - ~~[OWNERS](https://github.com/openstack-k8s-operators/edpm-ansible/blob/main/OWNERS)~~ [olliewalsh] Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment
jlarriba commented 5 months ago

/lgtm

Good catch!, thank you

softwarefactory-project-zuul[bot] commented 5 months ago

Build failed (check pipeline). Post recheck (without leading slash) to rerun all jobs. Make sure the failure cause has been resolved before you rerun jobs.

https://review.rdoproject.org/zuul/buildset/6236df39e84246218c4eb7bfeeacd83a

:heavy_check_mark: openstack-k8s-operators-content-provider SUCCESS in 2h 08m 23s :x: podified-multinode-edpm-deployment-crc FAILURE in 55m 18s :heavy_check_mark: cifmw-crc-podified-edpm-baremetal SUCCESS in 1h 47m 46s :heavy_check_mark: edpm-ansible-molecule-edpm_bootstrap SUCCESS in 6m 54s :heavy_check_mark: edpm-ansible-molecule-edpm_podman SUCCESS in 6m 05s :heavy_check_mark: edpm-ansible-molecule-edpm_module_load SUCCESS in 5m 15s :heavy_check_mark: edpm-ansible-molecule-edpm_kernel SUCCESS in 12m 49s :heavy_check_mark: edpm-ansible-molecule-edpm_libvirt SUCCESS in 9m 29s :heavy_check_mark: edpm-ansible-molecule-edpm_nova SUCCESS in 10m 29s :heavy_check_mark: edpm-ansible-molecule-edpm_frr SUCCESS in 6m 49s :heavy_check_mark: edpm-ansible-molecule-edpm_iscsid SUCCESS in 5m 11s :heavy_check_mark: edpm-ansible-molecule-edpm_ovn_bgp_agent SUCCESS in 7m 50s :heavy_check_mark: edpm-ansible-molecule-edpm_ovs SUCCESS in 5m 07s

olliewalsh commented 5 months ago

recheck