2016-04-26 9 views
-1

packstackをインストールするときにエラーが発生しました。それはSELinuxの問題のように見えるログから/usr/bin/systemctl start openstack-nova-api failed

ERROR : Error appeared during Puppet run: x.x.x.x_api_nova.pp 
Error: Could not start Service[nova-api]: Execution of '/usr/bin/systemctl start openstack-nova-api' returned 1: Job for openstack-nova-api.service failed because the control process exited with error code. See "systemctl status openstack-nova-api.service" and "journalctl -xe" for details. 
You will find full trace in log /var/tmp/packstack/20160426-103906-Zre0yo/manifests/x.x.x.x_api_nova.pp.log' 


Apr 26 10:50:13 localhost.localdomain systemd[1]: Unit openstack-nova-api.service entered failed state. 
Apr 26 10:50:13 localhost.localdomain systemd[1]: openstack-nova-api.service failed. 
Apr 26 10:50:13 localhost.localdomain setroubleshoot[6359]: SELinux is preventing /usr/bin/python2.7 from getattr access on the file /usr/bin/rpm. For comple 
Apr 26 10:50:13 localhost.localdomain python[6359]: SELinux is preventing /usr/bin/python2.7 from getattr access on the file /usr/bin/rpm. 

                ***** Plugin catchall (100. confidence) suggests ************************** 

                If you believe that python2.7 should be allowed getattr access on the rpm file by default. 
                Then you should report this as a bug. 
                You can generate a local policy module to allow this access. 
                Do 
                allow this access for now by executing: 
                # grep nova-novncproxy /var/log/audit/audit.log | audit2allow -M mypol 
                # semodule -i mypol.pp 

Apr 26 10:50:13 localhost.localdomain systemd[1]: openstack-nova-api.service holdoff time over, scheduling restart. 
Apr 26 10:50:13 localhost.localdomain systemd[1]: Starting OpenStack Nova API Server... 
-- Subject: Unit openstack-nova-api.service has begun start-up 
-- Defined-By: systemd 
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel 
-- 
-- Unit openstack-nova-api.service has begun starting up. 
Apr 26 10:50:15 localhost.localdomain python2[9047]: detected unhandled Python exception in '/usr/bin/nova-api' 
Apr 26 10:50:15 localhost.localdomain nova-api[9047]: error: cannot open Packages database in /var/lib/rpm 
Apr 26 10:50:15 localhost.localdomain nova-api[9047]: Traceback (most recent call last): 
Apr 26 10:50:15 localhost.localdomain nova-api[9047]: File "/usr/bin/nova-api", line 10, in <module> 
Apr 26 10:50:15 localhost.localdomain nova-api[9047]: sys.exit(main()) 
Apr 26 10:50:15 localhost.localdomain nova-api[9047]: File "/usr/lib/python2.7/site-packages/nova/cmd/api.py", line 41, in main 
Apr 26 10:50:15 localhost.localdomain nova-api[9047]: config.parse_args(sys.argv) 
Apr 26 10:50:15 localhost.localdomain nova-api[9047]: File "/usr/lib/python2.7/site-packages/nova/config.py", line 65, in parse_args 
Apr 26 10:50:15 localhost.localdomain nova-api[9047]: default_config_files=default_config_files) 
Apr 26 10:50:15 localhost.localdomain nova-api[9047]: File "/usr/lib/python2.7/site-packages/oslo_config/cfg.py", line 2171, in __call__ 
Apr 26 10:50:15 localhost.localdomain nova-api[9047]: self._namespace._files_permission_denied) 
Apr 26 10:50:15 localhost.localdomain nova-api[9047]: oslo_config.cfg.ConfigFilesPermissionDeniedError: Failed to open some config files: /etc/nova/nova.conf 
Apr 26 10:50:15 localhost.localdomain setroubleshoot[6359]: SELinux is preventing /usr/bin/python2.7 from getattr access on the file /usr/bin/rpm. For comple 
Apr 26 10:50:15 localhost.localdomain python[6359]: SELinux is preventing /usr/bin/python2.7 from getattr access on the file /usr/bin/rpm. 

                ***** Plugin catchall (100. confidence) suggests ************************** 

                If you believe that python2.7 should be allowed getattr access on the rpm file by default. 
                Then you should report this as a bug. 
                You can generate a local policy module to allow this access. 
                Do 
                allow this access for now by executing: 
                # grep nova-novncproxy /var/log/audit/audit.log | audit2allow -M mypol 
                # semodule -i mypol.pp 

Apr 26 10:50:15 localhost.localdomain systemd[1]: openstack-nova-api.service: main process exited, code=exited, status=1/FAILURE 
Apr 26 10:50:15 localhost.localdomain systemd[1]: Failed to start OpenStack Nova API Server. 
-- Subject: Unit openstack-nova-api.service has failed 
-- Defined-By: systemd 
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel 
-- 
-- Unit openstack-nova-api.service has failed. 
-- 
-- The result is failed. 
Apr 26 10:50:15 localhost.localdomain systemd[1]: Unit openstack-nova-api.service entered failed state. 
Apr 26 10:50:15 localhost.localdomain systemd[1]: openstack-nova-api.service failed. 
' 
+0

どのようにログダンプをレンダリングしたかをお読みください。また、このサイトはあなたのものではないプログラミングの質問のためのものです。最後に、何の努力も払わずに(インスピレーションの質問ガイドラインを参照)、あなたはおそらくどのコミュニティでも助けを得ないでしょうので、専門家を雇うことを検討してください。 –

+2

'ConfigFilesPermissionDeniedError:いくつかの設定ファイルを開くことができませんでした:/ etc/nova/nova.conf' – myaut

+0

selinuxを無効にしようとしましたか正しいselinuxポリシーを追加しましたか? 'SELinuxは/usr/bin/python2.7が/ usr/bin/rpm'ファイルにgetattrアクセス​​できないようにしています –

答えて

0

SELinux is preventing /usr/bin/python2.7 from getattr access on the file /usr/bin/rpm

することはでき無効SELinuxのか、それが必要とする権限を取得し、sedmoduleでそれを追加するためにaudit2allow使用しますか。ログで何を実行するかを指定します。

# grep nova-novncproxy /var/log/audit/audit.log | audit2allow -M mypol 
# semodule -i mypol.pp