#502 setup-ds.pl script should wait if "semanage.trans.LOCK" present
Closed: Fixed None Opened 7 years ago by nkinder.

https://bugzilla.redhat.com/show_bug.cgi?id=868386 (Red Hat Enterprise Linux 7)

Description of problem: Creating simultaneous instances of directory server
fails when selinux is in enforcing mode. It returns
"libsemanage.semanage_get_lock: Could not get direct transaction lock at
/etc/selinux/targeted/modules/semanage.trans.LOCK" error.

How reproducible: Consistently

Steps to Reproduce:
1. Install latest 389-ds-base.
2. Set selinux to "Enforcing" mode.
3. Run setup-ds.pl script on two terminals simultaneously.
4. setup-ds.pl script fails to create ds instance and returns semanage error.

Actual results:

 semanage port -a -t ldap_port_t -p tcp 13989
libsemanage.semanage_get_lock: Could not get direct transaction lock at
/etc/selinux/targeted/modules/semanage.trans.LOCK. (Resource temporarily
/usr/sbin/semanage: Could not start semanage transaction

Expected results: setup-ds.pl script should be able to handle multiple instance
creation simultaneously.

The script should till the other one is completed.

Additional info: This change might be needed for setup-ds-admin.pl,
remove-ds.pl and remove-ds-admin.pl scripts.

Please refer to - https://bugzilla.redhat.com/show_bug.cgi?id=865236

Bug description: If multiple DSCreate or removeDSInstance run
simultaneously, semanage port fails because only one semanage
transaction is allowed to start.

Fix description: This patch puts "semanage port" in the while
loop and it retries until it succeeds or reaches the max retry
count (in total 5 minutes).

Reviewed by Mark (Thank you!!)

Pushed to master: commit 4999849

Metadata Update from @nhosoi:
- Issue assigned to nhosoi
- Issue set to the milestone: 1.3.1

3 years ago

Login to comment on this ticket.