[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: [atomic] Centos Atomic 7.0 -> 7.1

From: Eric Paris <eparis redhat com>
To: Colin Walters <walters verbum org>
Cc: atomic projectatomic io
Subject: Re: [atomic] Centos Atomic 7.0 -> 7.1
Date: Wed, 15 Apr 2015 13:50:57 -0500

On Wed, 2015-04-15 at 14:31 -0400, Colin Walters wrote:
> Users of CentOS Atomic 7 will hit this error on upgrading now:
> 
> # atomic upgrade
> Updating from: centos-atomic-host:centos/7/atomic/x86_64/cloud-docker-host
>  
> Receiving objects: 24% (1436/5931) 308.3 kB/s 34.2 MB          
> error: fsetxattr: Invalid argument
> 
> What's happening here is that this is a full atomic switch from a CentOS 7.0 to CentOS 7.1 base - but we're using the old selinux policy to do it.  The 7.0 SELinux policy had a bug with respect to rpm-ostree that caused a domain transition to not occur.
> 
> You can work around this with:
> 
> # runcon -r system_r -t install_t atomic upgrade
> 
> This workaround will only be necessary one time - after that the 7.1 SELinux policy will be in place and the correct domain transition will occur.

dwalsh,

shouldn't atomic upgrade has CAP_MAC_ADMIN, so we never hit this in the
future?

-Eric

Follow-Ups:
- Re: [atomic] Centos Atomic 7.0 -> 7.1
  - From: Colin Walters

References:
- [atomic] Centos Atomic 7.0 -> 7.1
  - From: Colin Walters

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]