Bug 1185766

Summary: Transacrional-update fails due to selinux
Product: [openSUSE] openSUSE Tumbleweed Reporter: G.M. Venekamp <gm.venekamp>
Component: MicroOSAssignee: Forgotten User u0-bnvADNc <forgotten_u0-bnvADNc>
Status: RESOLVED DUPLICATE QA Contact: E-mail List <qa-bugs>
Severity: Normal    
Priority: P5 - None CC: iforster, martin.rohde
Version: Current   
Target Milestone: ---   
Hardware: x86-64   
OS: openSUSE Tumbleweed   
Whiteboard:
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description G.M. Venekamp 2021-05-07 09:29:14 UTC 
When doing a fresh install with today's current MicroOS image (0505) and with the MicroOS transactiona container pattern, installing additional packages after the initial install fail. For example:

# transactional-update pkg install --download-in-advance firewalld
...
Additional rpm output:
/sbin/ldconfig: Warning: ignoring configuration file that cannot be opened:
/etc/ld.so.conf: Permission denied
/sbin/ldconfig: Can't create temporary cache file /etc/ld.so.cache.xeizJJ: Permission
denied
warning: %post(libgirepository-1_0-1-1.68.0-1.2.x86_64) scriptlet failed, exit status 1

There are multiple messages like this.

However, when I disable selinux by:

setenforce 0

The install succeeds.

Disabling selinux as a workaroud for installing a few additional packages to the MicroOS container works as long as this is done manually. However, for automated updates, one would have to permanently disable selinux, which I don't thinks is a good idea.

Not sure if the following is related. During initial boot of the installed systemd complains about the following role:

system_u_system_r_init_t

Regards,
Gerben
Comment 1 Ignaz Forster 2021-05-07 09:47:42 UTC 
Thanks a lot for the bug report. The problem has been identified already, I'll prepare a new transactional-update release today.

*** This bug has been marked as a duplicate of bug 1185625 ***
Comment 2 OBSbugzilla Bot 2021-06-14 00:50:26 UTC 
This is an autogenerated message for OBS integration:
This bug (1185766) was mentioned in
https://build.opensuse.org/request/show/899839 Factory / transactional-update
Comment 4 Swamp Workflow Management 2021-06-28 19:41:00 UTC 
SUSE-RU-2021:2192-1: An update that has 15 recommended fixes can now be installed.

Category: recommended (important)
Bug References: 1173842,1177149,1182525,1182544,1183442,1183521,1183539,1183856,1184529,1185224,1185226,1185625,1185766,1186775,1186842
CVE References: 
JIRA References: 
Sources used:
SUSE MicroOS 5.0 (src):    transactional-update-3.4.0-3.6.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 8 Swamp Workflow Management 2022-02-18 11:18:55 UTC 
SUSE-RU-2022:0487-1: An update that has 27 recommended fixes can now be installed.

Category: recommended (moderate)
Bug References: 1133891,1149131,1177149,1183521,1183539,1183856,1184529,1185224,1185226,1185625,1185766,1186213,1186775,1186842,1188110,1188322,1188648,1189728,1189807,1190383,1190574,1190788,1191475,1191945,1192078,1192242,1192302
CVE References: 
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Transactional Server 15-SP3 (src):    transactional-update-3.6.2-150300.3.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 9 Swamp Workflow Management 2022-02-18 11:22:32 UTC 
openSUSE-RU-2022:0487-1: An update that has 27 recommended fixes can now be installed.

Category: recommended (moderate)
Bug References: 1133891,1149131,1177149,1183521,1183539,1183856,1184529,1185224,1185226,1185625,1185766,1186213,1186775,1186842,1188110,1188322,1188648,1189728,1189807,1190383,1190574,1190788,1191475,1191945,1192078,1192242,1192302
CVE References: 
JIRA References: 
Sources used:
openSUSE Leap 15.3 (src):    transactional-update-3.6.2-150300.3.3.1