Why rhel-push-plugin.sock and docker service fails to start after upgrading RHEL Atomic Host from 7.3 to 7.3.2 ?
Issue
- Why rhel-push-plugin.sock and docker service fails to start after upgrading RHEL Atomic Host from 7.3 to 7.3.2 ?
- Docker fails to start because rhel-push-plugin.sock can't be started after upgrade from 7.3 to 7.3.2. If setenfore 0, then docker can be started. Journalctl has the following messages in the logs
Jan 19 13:05:36 XXXXX systemd[1]: Failed to set SELinux security context system_u:object_r:container_var_run_t:s0 for /run/docker: Invalid argument
Jan 19 13:05:36 XXXXX systemd[1]: Failed to set SELinux security context system_u:object_r:container_plugin_var_run_t:s0 for /run/docker/plugins/rhel-push-plugin.sock: Invalid argument
Jan 19 13:05:36 XXXXX systemd[1]: rhel-push-plugin.socket failed to listen on sockets: Invalid argument
Jan 19 13:05:36 XXXXX systemd[1]: Failed to listen on Docker Block RHEL push plugin Socket for the API.
Jan 19 13:05:36 XXXXX kernel: type=1400 audit(1484827536.612:13): avc: denied { mac_admin } for pid=1 comm="systemd" capability=33 scontext=system_u:system_r:init_t:s0 tcontext=system_u:
Jan 19 13:05:36 XXXXX kernel: type=1401 audit(1484827536.613:14): op=fscreate invalid_context="system_u:object_r:container_var_run_t:s0"
Jan 19 13:05:36 XXXXX kernel: type=1400 audit(1484827536.613:15): avc: denied { mac_admin } for pid=1 comm="systemd" capability=33 scontext=system_u:system_r:init_t:s0 tcontext=system_u:
Jan 19 13:05:36 XXXXX kernel: type=1401 audit(1484827536.613:16): op=fscreate invalid_context="system_u:object_r:container_plugin_var_run_t:s0"
Jan 19 13:05:36 XXXXX systemd[1]: Dependency failed for Docker Application Container Engine.
Jan 19 13:05:36 XXXXX systemd[1]: Job docker.service/start failed with result 'dependency'.
Environment
- Red Hat Enterprise Atomic Host 7.3
- OStree upgraded from 7.3 to 7.3.2
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.
