Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-60060

Services are executed during the selinux-autorelabel

XMLWordPrintable

    • No
    • Moderate
    • 1
    • rhel-sst-upgrades
    • 20
    • 3
    • False
    • Hide

      None

      Show
      None
    • None
    • Red Hat Enterprise Linux
    • Leapp: 9.6 & 10.0
    • None
    • None
    • All
    • None

      What were you trying to do that didn't work?

      During an in-place upgrade with Leapp (7>8 or 8>9), our customer is encountering a problem during the execution of the leapp_resume.service, which is supposedly executed in the first boot on RHEL 9. Instead of that, it is executed during an intermediate reboot where the filesystems are relabeled after upgrading the packages:

      Sep 19 13:05:37 localhost selinux-autorelabel[754]: Relabeling / /boot /dev /dev/hugepages /dev/mqueue /dev/pts /dev/shm /run /sys /sys/fs/cgroup /sys/fs/pstore /sys/kernel
/debug /sys/kernel/tracing
 :
Sep 19 13:05:56 localhost selinux-autorelabel[754]: Cleaning up labels on /tmp
 :
Sep 19 13:05:57 localhost systemd-logind[1263]: The system will reboot now!
Sep 19 13:05:57 localhost systemd-logind[1263]: System is rebooting.
 :
Sep 19 13:05:57 localhost systemd[1]: Starting Temporary Leapp service which resumes execution after reboot...
 :
Sep 19 13:06:47 localhost systemd-shutdown[1]: Sending SIGTERM to remaining processes...
Sep 19 13:06:47 localhost systemd-journald[627]: Journal stopped 

      Since a reboot is initiated after the relabel, the post-upgrade tasks executed by the said service are interrupted before it can finish properly.

      What is the impact of this issue to you?

      Cannot finish the Leapp post-upgrade tasks properly.

      Please provide the package NVR for which the bug is seen:

      policycoreutils-3.6-2.1.el9
      policycoreutils-2.9-26.el8_10

      How reproducible is this bug?:

      Always for the customer in the frame of in-place upgrades.

      Such a behaviour can be reproduced outside of Leapp.

      Steps to reproduce

      Create and enable a foobar.service (with the same start conditions than the leapp_resume.service):

      [Unit]
Description=Foobar
After=default.target
DefaultDependencies=no
After=dbus.service
After=network-online.target
Wants=network-online.target

[Service]
Type=oneshot
ExecStart=/usr/bin/logger foobar
KillMode=process

[Install]
WantedBy=default.target

      Touch /.autorelabel and reboot.

      Expected results

      selinux-autorelabel is executed Before=basic.target

      Actual results

      Sep 25 14:41:20 localhost kernel: Linux version 5.14.0-427.16.1.el9_4.x86_64 (mockbuild@x86-vm-09.brew-001.prod.iad2.dc.redhat.com) (gcc (GCC) 11.4.1 20231218 (Red Hat 11.4.1-3), GNU ld version 2.35.2-43.el9) #1 SMP PREEMPT_DYNAMIC Fri Apr 26 18:16:09 EDT 2024
Sep 25 14:41:20 localhost kernel: Command line: BOOT_IMAGE=(hd0,msdos1)/vmlinuz-5.14.0-427.16.1.el9_4.x86_64 root=/dev/mapper/rhel-root ro crashkernel=1G-4G:192M,4G-64G:256M,64G-:512M resume=/dev/mapper/rhel-swap rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap
 :
Sep 25 14:41:23 localhost selinux-autorelabel[884]: *** Warning -- SELinux targeted policy relabel is required.
Sep 25 14:41:23 localhost selinux-autorelabel[884]: *** Relabeling could take a very long time, depending on file
Sep 25 14:41:23 localhost selinux-autorelabel[884]: *** system size and speed of hard drives.
Sep 25 14:41:23 localhost systemd[1]: Starting Network Manager...
Sep 25 14:41:23 localhost dbus-broker-lau[881]: Ready
Sep 25 14:41:23 localhost selinux-autorelabel[884]: Running: /sbin/fixfiles -T 0  restore
 :
Sep 25 14:41:24 localhost.localdomain systemd[1]: Finished Network Manager Wait Online.
Sep 25 14:41:24 localhost.localdomain systemd[1]: Reached target Network is Online.
 :
Sep 25 14:41:33 localhost.localdomain selinux-autorelabel[892]: Relabeling / /boot /dev /dev/hugepages /dev/mqueue /dev/pts /dev/shm /run /sys /sys/fs/cgroup /sys/fs/pstore /sys/kernel/debug /sys/kernel/tracing
Sep 25 14:41:35 localhost.localdomain systemd[1]: NetworkManager-dispatcher.service: Deactivated successfully.
Sep 25 14:41:55 localhost.localdomain selinux-autorelabel[1307]: Warning no default label for /dev/mqueue
Sep 25 14:41:55 localhost.localdomain selinux-autorelabel[892]: Cleaning up labels on /tmp
 :
Sep 25 14:41:56 localhost.localdomain systemd-logind[1383]: The system will reboot now!
Sep 25 14:41:56 localhost.localdomain systemd-logind[1383]: System is rebooting.
 :
Sep 25 14:41:56 localhost.localdomain systemd[1]: selinux-autorelabel.service: Deactivated successfully.
Sep 25 14:41:56 localhost.localdomain systemd[1]: Stopped Relabel all filesystems.
Sep 25 14:41:56 localhost.localdomain systemd[1]: selinux-autorelabel.service: Consumed 1min 16.310s CPU time.
 :
Sep 25 14:41:57 localhost.localdomain systemd[1]: Starting Foobar...
Sep 25 14:41:57 localhost.localdomain root[1405]: foobar
Sep 25 14:41:57 localhost.localdomain systemd[1]: foobar.service: Deactivated successfully.
Sep 25 14:41:57 localhost.localdomain systemd[1]: Finished Foobar.
 :
Sep 25 14:41:57 localhost.localdomain systemd-shutdown[1]: Sending SIGTERM to remaining processes...
Sep 25 14:41:57 localhost.localdomain systemd-journald[627]: Received SIGTERM from PID 1 (systemd-shutdow).
Sep 25 14:41:57 localhost.localdomain systemd-journald[627]: Journal stopped 

              leapp-notifications leapp-notifications
              rhn-support-cbesson Christophe Besson
              leapp-notifications leapp-notifications
              RHEL Upgrades QE Team RHEL Upgrades QE Team
              Miriam Portman Miriam Portman
              Votes:
              1 Vote for this issue
              Watchers:
              13 Start watching this issue

                Created:
                Updated: