Hi,
I have updated the integration test images without properly testing them, because, hey, what can go wrong?
This is the first time I made the images on the machine we want to use for CI testing, but running the tests on it has some issues in general, so I missed these real regressions. Sorry.
I'll fix this 'asap'.
For the time being, check-docker is known to produce this output:
Unexpected journal message 'audit: type=1400 audit(1420788460.917:4): avc: denied { add_name } for pid=901 comm="docker" name=".docker" scontext=system_u:system_r:docker_t:s0 tcontext=system_u:object_r:root_t:s0 tclass=dir permissive=1' Unexpected journal message 'audit: type=1400 audit(1420788460.917:5): avc: denied { create } for pid=901 comm="docker" name=".docker" scontext=system_u:system_r:docker_t:s0 tcontext=system_u:object_r:root_t:s0 tclass=dir permissive=1' Unexpected journal message 'audit: type=1400 audit(1420788460.918:6): avc: denied { create } for pid=901 comm="docker" name="key.json" scontext=system_u:system_r:docker_t:s0 tcontext=system_u:object_r:root_t:s0 tclass=file permissive=1' Unexpected journal message 'audit: type=1400 audit(1420788460.918:7): avc: denied { write open } for pid=901 comm="docker" path="/.docker/key.json" dev="vda" ino=221186 scontext=system_u:system_r:docker_t:s0 tcontext=system_u:object_r:root_t:s0 tclass=file permissive=1'
and the test fails because of that but otherwise seems to pass. Maybe this is a genuine Fedora bug.
Regsarding check-realm, realmd sucessfully joins the domain but then cockpitd crashes, so we have a real issue there.
On 01/09/2015 03:43 AM, Marius Vollmer wrote:
Hi,
I have updated the integration test images without properly testing them, because, hey, what can go wrong?
This is the first time I made the images on the machine we want to use for CI testing, but running the tests on it has some issues in general, so I missed these real regressions. Sorry.
I'll fix this 'asap'.
For the time being, check-docker is known to produce this output:
Unexpected journal message 'audit: type=1400 audit(1420788460.917:4): avc: denied { add_name } for pid=901 comm="docker" name=".docker" scontext=system_u:system_r:docker_t:s0 tcontext=system_u:object_r:root_t:s0 tclass=dir permissive=1' Unexpected journal message 'audit: type=1400 audit(1420788460.917:5): avc: denied { create } for pid=901 comm="docker" name=".docker" scontext=system_u:system_r:docker_t:s0 tcontext=system_u:object_r:root_t:s0 tclass=dir permissive=1' Unexpected journal message 'audit: type=1400 audit(1420788460.918:6): avc: denied { create } for pid=901 comm="docker" name="key.json" scontext=system_u:system_r:docker_t:s0 tcontext=system_u:object_r:root_t:s0 tclass=file permissive=1' Unexpected journal message 'audit: type=1400 audit(1420788460.918:7): avc: denied { write open } for pid=901 comm="docker" path="/.docker/key.json" dev="vda" ino=221186 scontext=system_u:system_r:docker_t:s0 tcontext=system_u:object_r:root_t:s0 tclass=file permissive=1'
and the test fails because of that but otherwise seems to pass. Maybe this is a genuine Fedora bug.
Regsarding check-realm, realmd sucessfully joins the domain but then cockpitd crashes, so we have a real issue there. _______________________________________________ cockpit-devel mailing list cockpit-devel@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/cockpit-devel
This is a bug in docker, which is supposed to created these files/directories in /etc. Make sure you have the latest docker installed.
Daniel J Walsh dwalsh@redhat.com writes:
This is a bug in docker, which is supposed to created these files/directories in /etc. Make sure you have the latest docker installed.
Yes, thanks!
I found https://bugzilla.redhat.com/show_bug.cgi?id=1169769 but I am confused about what version is supposed to show what behavior. (I see this with docker-io-1.4.0-1.fc21.x86_64.) We'll just allow those messages, I'd say:
On 01/09/2015 08:47 AM, Marius Vollmer wrote:
Daniel J Walsh dwalsh@redhat.com writes:
This is a bug in docker, which is supposed to created these files/directories in /etc. Make sure you have the latest docker installed.
Yes, thanks!
I found https://bugzilla.redhat.com/show_bug.cgi?id=1169769 but I am confused about what version is supposed to show what behavior. (I see this with docker-io-1.4.0-1.fc21.x86_64.) We'll just allow those messages, I'd say:
https://github.com/cockpit-project/cockpit/pull/1630/files
cockpit-devel mailing list cockpit-devel@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/cockpit-devel
Me too, Lokesh do you have the answer?
On Fri, Jan 09, 2015 at 09:26:18AM -0500, Daniel J Walsh wrote:
On 01/09/2015 08:47 AM, Marius Vollmer wrote:
Daniel J Walsh dwalsh@redhat.com writes:
This is a bug in docker, which is supposed to created these files/directories in /etc. Make sure you have the latest docker installed.
Yes, thanks!
I found https://bugzilla.redhat.com/show_bug.cgi?id=1169769 but I am confused about what version is supposed to show what behavior. (I see this with docker-io-1.4.0-1.fc21.x86_64.) We'll just allow those messages, I'd say:
https://github.com/cockpit-project/cockpit/pull/1630/files
cockpit-devel mailing list cockpit-devel@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/cockpit-devel
Me too, Lokesh do you have the answer?
This is about owning and using /etc/docker instead of /.docker, correct?
This should be fixed in docker-io-1.4.1-4.fc21. This is in updates-testing now as per what bodhi tells me.
Lokesh Mandvekar lsm5@redhat.com writes:
This is about owning and using /etc/docker instead of /.docker, correct?
I think so.
This should be fixed in docker-io-1.4.1-4.fc21. This is in updates-testing now as per what bodhi tells me.
Ok, thanks!
Daniel J Walsh dwalsh@redhat.com writes:
On 01/09/2015 08:47 AM, Marius Vollmer wrote:
I found https://bugzilla.redhat.com/show_bug.cgi?id=1169769 but I am confused about what version is supposed to show what behavior. [...]
Me too, Lokesh do you have the answer?
Please don't bother figuring this out just for us. We have to live with whatever Fedora gives us at any moment anyway.
On Fri, Jan 09, 2015 at 05:34:03PM +0200, Marius Vollmer wrote:
Daniel J Walsh dwalsh@redhat.com writes:
On 01/09/2015 08:47 AM, Marius Vollmer wrote:
I found https://bugzilla.redhat.com/show_bug.cgi?id=1169769 but I am confused about what version is supposed to show what behavior. [...]
Me too, Lokesh do you have the answer?
Please don't bother figuring this out just for us. We have to live with whatever Fedora gives us at any moment anyway.
My earlier message got stuck in moderator approval.
This was fixed in docker-io-1.4.1-4.fc21. This should be in updates-testing now. Let me know if that doesn't work as expected.
Marius Vollmer marius.vollmer@redhat.com writes:
I'll fix this 'asap'.
These pull requests should fix it:
1627 - Fixes crasher in cockpitd 1630 - Allows current docker selinux violations 1632 - Fixes general regression re DHCP behavior that made the tests often block completely
The last one actually fixes what I thought was a problem with our CI machine.
cockpit-devel@lists.fedorahosted.org