error while kickstarting 8.3

114 views

Skip to first unread message

Peter Pickford

unread,

Jan 14, 2021, 4:45:18 AM1/14/21

to springdale-users

Hi,

I'm getting
09:13:05,613 ERR dnf.rpm: Error in POSTIN script

while installing coreutils-common-8.30-8.el8.x86_64

The package immediately prior to this was bash

The inode times of /bin/sh and /bin/bash are prior to the time for files in coreutils-common-8.30-8 so I don't think its that the file was missing and there are previous examples of /bin.sh running sucsessfully.

I did an strace of anaconda while installing
showing:
92901 execve("/bin/sh", ["/bin/sh", "/var/tmp/rpm-tmp.ujfreh", "1"], 0x55cb1b213650 /* 30 vars */) = -1 ENOENT (No such file or directory)
92901 fstat(38, {st_mode=S_IFREG|0600, st_size=0, ...}) = 0
92901 write(38, "error: failed to exec scriptlet interpreter /bin"..., 79) = 79

Why can't /bin/sh be found and execed?

A search backwards for /bin/sh shows

92901 getxattr("/bin/sh", "security.selinux", "system_u:object_r:shell_exec_t:s0", 255) = 34
92901 openat(AT_FDCWD, "/sys/fs/selinux/class/process/index", O_RDONLY|O_CLOEXEC) = 69
92901 read(69, "2", 19) = 1
92901 close(69) = 0
92901 openat(AT_FDCWD, "/sys/fs/selinux/class/process/perms", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 69
92901 fstat(69, {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0
92901 getdents64(69, /* 33 entries */, 32768) = 1048
92901 openat(AT_FDCWD, "/sys/fs/selinux/class/process/perms/.", O_RDONLY|O_CLOEXEC) = 71
92901 fstat(71, {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0

Followed by lots more 92901 openat(AT_FDCWD, "/sys/fs/selinux/class/process...

Then this

92901 openat(AT_FDCWD, "/sys/fs/selinux/create", O_RDWR|O_CLOEXEC) = 69
92901 write(69, "system_u:system_r:initrc_t:s0 system_u:object_r:"..., 65) = 65
92901 read(69, "system_u:system_r:initrc_t:s0\0", 4095) = 30
92901 close(69) = 0
92901 openat(AT_FDCWD, "/proc/thread-self/attr/exec", O_RDWR|O_CLOEXEC) = 69
92901 write(69, "system_u:system_r:rpm_script_t:s0\0", 34) = 34
92901 close(69) = 0

Is this selinux related?

Running andaconda with selinux disabled didn't seem to help

Is there something odd about coreutils-common-8.30-8.el8.x86_64

Any clues as to what to do other than install from 8.2 and upgrade?

Regards

Peter

JP

unread,

Jan 14, 2021, 9:52:35 AM1/14/21

to springdale-users

Hullo,

this is rather puzzling and it doesn't seem to make any sense. I tried a quick qemu/cd install just now and it had no problems - in my case filesystem (needed for /bin symlink to /usr/bin) appears around line 600 of packaging.log, bash line 693, coreutils-common line 760 - so dnf/anaconda ordered things correctly. What does your kickstart look like? I should be able to try some pxeboot kickstarts later today on actual hardware so I can try more closely reproducing this.

--
You received this message because you are subscribed to the Google Groups "springdale-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to springdale-use...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/springdale-users/59bad6d9-7a8b-48f0-8ff2-db3756983afdn%40googlegroups.com.

Peter Pickford

unread,

Jan 14, 2021, 12:53:43 PM1/14/21

to springdale-users

Hello JP,

Thankyou for the prompt reply.

The system was built using satellite 6.7

The boot images were from the http://springdale.princeton.edu/data/springdale/8/x86_64/os/images/

A .treeinfo was created to make AppStream available:

[general]

timestamp = 1605916713.4751067

family = Springdale Linux

version = 8.3

name = Springdale Linux-8.3

short = SDL

variant = BaseOS

arch = x86_64

packagedir = Packages

variants = AppStream,BaseOS

platforms = x86_64,xen

[header]

type = productmd.treeinfo

version = 1.2

[stage2]

mainimage = images/install.img

[images-x86_64]

kernel = images/pxeboot/vmlinuz

initrd = images/pxeboot/initrd.img

efiboot.img = images/efiboot.img

boot.iso = images/boot.iso

[images-xen]

kernel = images/pxeboot/vmlinuz

initrd = images/pxeboot/initrd.img

[release]

name = Springdale Linux

short = SDL

version = 8.3

[tree]

arch = x86_64

build_timestamp = 1559832596

platforms = x86_64,xen

variants = AppStream,BaseOS

[variant-AppStream]

id = AppStream

name = AppStream

packages = ../Springdale_8_3_x86_64_os_AppStream//Packages

repository = ../Springdale_8_3_x86_64_os_AppStream

type = variant

uid = AppStream

[variant-BaseOS]

id = BaseOS

name = BaseOS

packages = Packages

repository = .

type = variant

uid = BaseOS

The standard satellite kickstart template was used with no customizations.

Here is the kickstart:

url --url http://satellite.test.netremedies.ca/pulp/repos/PRIME/Library/custom/Springdale/Springdale_8_3_x86_64_os_BaseOS/

lang en_US.UTF-8

selinux --enforcing

keyboard us

skipx

network --bootproto static --ip=192.168.100.82 --netmask=255.255.255.0 --gateway=192.168.100.4 --nameserver=192.168.1.161 --mtu=1500 --hostname chad-burchess.test.netremedies.ca --device=00:50:56:96:05:be

rootpw --iscrypted $5$MnF7RkL5iTuRaGjq$2G.FFC3HM4wtRW/3WTXYEWFu0EQwPTAyYw.bloogHo.

firewall --service=ssh

authselect --useshadow --passalgo=sha256 --kickstart

timezone --utc UTC

services --disabled gpm,sendmail,cups,pcmcia,isdn,rawdevices,hpoj,bluetooth,openibd,avahi-daemon,avahi-dnsconfd,hidd,hplip,pcscd

bootloader --location=mbr --append="nofb quiet splash=quiet"

zerombr

clearpart --all --initlabel

autopart

text

reboot --eject

%packages

yum

dhclient

chrony

wget

@Core

redhat-lsb-core

%end

%post --nochroot

exec < /dev/tty3 > /dev/tty3

#changing to VT 3 so that we can see whats going on....

/usr/bin/chvt 3

(

cp -va /etc/resolv.conf /mnt/sysimage/etc/resolv.conf

/usr/bin/chvt 1

) 2>&1 | tee /mnt/sysimage/root/install.postnochroot.log

%end

%post --log=/mnt/sysimage/root/install.post.log

logger "Starting anaconda chad-burchess.test.netremedies.ca postinstall"

exec < /dev/tty3 > /dev/tty3

#changing to VT 3 so that we can see whats going on....

/usr/bin/chvt 3

# interface

real=`grep -l 00:50:56:96:05:be /sys/class/net/*/{bonding_slave/perm_hwaddr,address} 2>/dev/null | awk -F '/' '// {print $5}' | head -1`

sanitized_real=`echo $real | sed s/:/_/`

cat << EOF > /etc/sysconfig/network-scripts/ifcfg-$sanitized_real

BOOTPROTO="none"

IPADDR="192.168.100.82"

NETMASK="255.255.255.0"

GATEWAY="192.168.100.4"

DOMAIN="test.netremedies.ca"

DEVICE=$real

HWADDR="00:50:56:96:05:be"

ONBOOT=yes

PEERDNS=yes

PEERROUTES=yes

DEFROUTE=yes

DNS1="192.168.1.161"

MTU=1500

EOF

echo "Updating system time"

/usr/bin/chronyc makestep

/usr/sbin/hwclock --systohc

# update all the base packages from the updates repository

if [ -f /usr/bin/dnf ]; then

dnf -y update

else

yum -t -y update

# SSH keys setup snippet for Remote Execution plugin

# Parameters:

# remote_execution_ssh_keys: public keys to be put in ~/.ssh/authorized_keys

# remote_execution_ssh_user: user for which remote_execution_ssh_keys will be

# authorized

# remote_execution_create_user: create user if it not already existing

# remote_execution_effective_user_method: method to switch from ssh user to

# effective user

# This template sets up SSH keys in any host so that as long as your public

# SSH key is in remote_execution_ssh_keys, you can SSH into a host. This

# works in combination with Remote Execution plugin by querying smart proxies

# to build an array.

# To use this snippet without the plugin provide the SSH keys as host parameter

# remote_execution_ssh_keys. It expects the same format like the authorized_keys

# file.

user_exists=false

getent passwd root >/dev/null 2>&1 && user_exists=true

if $user_exists; then

mkdir -p ~root/.ssh

cat << EOF >> ~root/.ssh/authorized_keys

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDIIL4AwvCE1Tuboy1eJWcqzMUbljontaNqBr2F1HJVv977NZpnZxZoDSJRRigPDyNsRV3dOOheaXnSZtvbGbqGlxvGqaGw8O7uUpHrx+/pHhsYlSGcB5RolC3d0/Sww1lR0zMBnSgX2r34bWAisNDyTtK5kRMqueDQq0m7SJw/uqeySigVDDvoq1Am2EWJW73qSNLpCyt6jN1ZJoYMpKpD4wlOFjfscQdz6FCmbGYSVol/UnpD1B2uUqdJxJV9HyKB1VDKG9ozlbKx0BwUyicCrRpm7g25uq+cmhmilVqJxomIpT89zxwSPe2+7avoI3tDfflU4wphlQBuddzLy5Ed forema...@satellite.test.netremedies.ca

EOF

chmod 0700 ~root/.ssh

chmod 0600 ~root/.ssh/authorized_keys

chown -R root: ~root/.ssh

# Restore SELinux context with restorecon, if it's available:

command -v restorecon && restorecon -RvF ~root/.ssh || true

else

echo 'The remote_execution_ssh_user does not exist and remote_execution_create_user is not set to true. remote_execution_ssh_keys snippet will not install keys'

if [ -f /usr/bin/dnf ]; then

dnf -y install puppet-agent

else

yum -t -y install puppet-agent

cat > /etc/puppetlabs/puppet/puppet.conf << EOF

[main]

vardir = /opt/puppetlabs/puppet/cache

logdir = /var/log/puppetlabs/puppet

rundir = /var/run/puppetlabs

ssldir = /etc/puppetlabs/puppet/ssl

[agent]

pluginsync = true

report = true

ignoreschedules = true

ca_server = satellite.test.netremedies.ca

certname = chad-burchess.test.netremedies.ca

environment = production

server = satellite.test.netremedies.ca

EOF

puppet_unit=puppet

/usr/bin/systemctl list-unit-files | grep -q puppetagent && puppet_unit=puppetagent

/usr/bin/systemctl enable ${puppet_unit}

# export a custom fact called 'is_installer' to allow detection of the installer environment in Puppet modules

export FACTER_is_installer=true

# passing a non-existent tag like "no_such_tag" to the puppet agent only initializes the node

/opt/puppetlabs/bin/puppet agent --config /etc/puppetlabs/puppet/puppet.conf --onetime --tags no_such_tag --server satellite.test.netremedies.ca --no-daemonize

touch /tmp/foreman_built

%end

%post --erroronfail

if test -f /tmp/foreman_built; then

echo "calling home: build is done!"

if [ -x /usr/bin/curl ]; then

/usr/bin/curl -o /dev/null --noproxy \* -H 'Content-Type: text/plain' --data @/mnt/sysimage/root/install.post.log --silent 'http://satellite.test.netremedies.ca:8000/unattended/built?token=3f7301b6-1661-41a7-b0b0-df77a9cbd4e7'

elif [ -x /usr/bin/wget ]; then

/usr/bin/wget -q -O /dev/null --no-proxy --method POST --header 'Content-Type: text/plain' --body-file=/mnt/sysimage/root/install.post.log 'http://satellite.test.netremedies.ca:8000/unattended/built?token=3f7301b6-1661-41a7-b0b0-df77a9cbd4e7'

else

wget -q -O /dev/null --header 'Content-Type: text/plain' 'http://satellite.test.netremedies.ca:8000/unattended/built?token=3f7301b6-1661-41a7-b0b0-df77a9cbd4e7'

else

echo "calling home: build failed!"

if [ -x /usr/bin/curl ]; then

elif [ -x /usr/bin/wget ]; then

else

wget -q -O /dev/null --header 'Content-Type: text/plain' 'http://satellite.test.netremedies.ca:8000/unattended/failed?token=3f7301b6-1661-41a7-b0b0-df77a9cbd4e7'

sync

%end

JP

unread,

Jan 15, 2021, 12:17:09 PM1/15/21

to springdale-users

Hullo,

I kickstarted a few machines and they worked with no trouble. This is with cobbler handling the heavy lifting which (due to the way we manage cobbler) makes it actually harder to get a setup closer to yours - but I'll try a bit later. Otherwise we are a bit more explicit with partitioning and we use updates repo during install (so machine comes up updated immediately with a faster overall install), redacted copy included below.

BTW, have you verified in packaging.log that bash did get installed before?

#version=RHEL8

# System bootloader configuration
bootloader --location=mbr --boot-drive=sda
# Use text mode install
text
# Firewall configuration
firewall --enabled
# do not run the Setup Agent on first boot
firstboot --disable
# System keyboard
keyboard --vckeymap=us --xlayouts='us'
# System language
lang en_US.UTF-8

# Use network installation
url --url=http://10.36.0.2/data/springdale/8.3/x86_64/os
# If any cobbler repo definitions were referenced in the kickstart profile, include them here.
repo --name=springdale-8 --baseurl=http://springdale.princeton.edu/data/puias/8.3/x86_64/os/BaseOS
repo --name=springdale-8-updates --baseurl=http://springdale.princeton.edu/data/puias/updates/8.3/BaseOS/x86_64
repo --name=springdale-8-appstream --baseurl=http://springdale.princeton.edu/data/puias/8.3/x86_64/os/AppStream
repo --name=springdale-8-updates-appstream --baseurl=http://springdale.princeton.edu/data/puias/updates/8.3/AppStream/x86_64
repo --name=springdale-unsupported-8 --baseurl=http://springdale.princeton.edu/data/puias/unsupported/8.3/x86_64/

# Network information
# Using "new" style networking config, by matching networking information to the physical interface's
# MAC-address
%include /tmp/pre_install_network_config

# Reboot after installation
reboot

#Root password
rootpw --iscrypted xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
# SELinux configuration
#selinux --disabled
# Do not configure the X Window System
skipx
# System timezone
timezone America/New_York --isUtc
# Install OS instead of upgrade
install
# Clear the Master Boot Record
zerombr
#If raid do both
clearpart --all --drives=sda --initlabel
#ignoredisk --only-use=sda

# Disk partitioning information
part pv.os --fstype="lvmpv" --ondisk=sda --size=1000 --grow
part /boot --fstype="xfs" --ondisk=sda --size=1024
reqpart
volgroup sl_base --pesize=4096 pv.os
logvol swap --fstype="swap" --size=8000 --name=swap --vgname=sl_base
logvol /tmp --fstype="xfs" --size=8000 --name=tmp --vgname=sl_base --fsoptions="nosuid,noatime"
logvol /var/tmp --fstype="xfs" --size=4000 --name=var_tmp --vgname=sl_base --fsoptions="nosuid,noatime"
logvol / --fstype="xfs" --size=16000 --name=root --vgname=sl_base
logvol /var --fstype="xfs" --size=32000 --name=var --vgname=sl_base --fsoptions="noatime"
logvol /home --fstype=xfs --size=16000 --name=home --vgname=sl_base

%packages
wget
python36
-initial-setup

To view this discussion on the web visit https://groups.google.com/d/msgid/springdale-users/4200c709-9174-4d4c-a4f4-4be76333ebe4n%40googlegroups.com.

Reply all

Reply to author

Forward

0 new messages