-
Notifications
You must be signed in to change notification settings - Fork 26
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SELinux not disabled by default, causes Prometheus install to fail #432
Comments
Fixed by adding
any reason for this? |
Hmm, I saw this, even though I'm using one of the StackHPC images. |
selinux is not disabled by default, hence this occurs with any unmodified cookiecutter environment regardless of image. See https://github.com/stackhpc/ansible-slurm-appliance/blob/main/environments/common/inventory/group_vars/all/selinux.yml. We do disable it in CI: https://github.com/stackhpc/ansible-slurm-appliance/blob/main/environments/.stackhpc/inventory/group_vars/selinux/overrides.yml |
Prometheus should work with selinux enabled once #449 merges |
Also a bit horrible that as the stackhpc env has selinux disabled, running site.yml using a default env (with it enabled) on our image means it reboots to change the status ... |
Ok so the (depreciated) cloudalchemy.prometheus role is looking for the wrong packages:
#ansible/roles/cloudalchemy.prometheus/vars/redhat.yml:
---
prometheus_selinux_packages:
- libselinux-python
- policycoreutils-python but: #ansible/roles/cloudalchemy.prometheus/vars/redhat-8.yml:
---
prometheus_selinux_packages:
- python3-libselinux
- python3-policycoreutils and [root@rl9-control rocky]# dnf list python3-libselinux
Last metadata expiration check: 0:10:20 ago on Fri 03 Jan 2025 11:03:24 AM UTC.
Installed Packages
python3-libselinux.x86_64 3.6-1.el9 @appstream
[root@rl9-control rocky]# dnf list python3-policycoreutils
Last metadata expiration check: 0:10:25 ago on Fri 03 Jan 2025 11:03:24 AM UTC.
Installed Packages
python3-policycoreutils.noarch There is no However because these come from an |
Also explains why this works on a client with SELinux enabled (on control node), b/c they are on RockyLinux 8. |
Produced using Rocky-9-GenericCloud-Base-9.4-20240523.0.x86_64.qcow2 using a custom (non .stackhpc) environment
The text was updated successfully, but these errors were encountered: