Satellite-installer -S satellite fails with "Execution of '/usr/sbin/getsebool pulp_manage_puppet' returned 255: Error getting active value for pulp_manage_puppet"

Solution Verified - Updated 14 Jun 2024

Environment

Red Hat Satellite 6.x
Red Hat Capsule 6.x

Issue

When running satellite-installer -S satellite the installation stops with the following error:

 Execution of '/usr/sbin/getsebool pulp_manage_puppet' returned 255: Error getting active value for pulp_manage_puppet"`

Resolution

Load the selinux pulp modules by running the below commands:

 # semodule -i /usr/share/selinux/targeted/pulp-server.pp 
 # semodule -i /usr/share/selinux/targeted/pulp-celery.pp 
 # semodule -i /usr/share/selinux/targeted/pulp-streamer.pp

For more KB articles/solutions related to Red Hat Satellite 6.x Installation/Upgrade/Update Issues, please refer to the Red Hat Satellite Consolidated Troubleshooting Article for Red Hat Satellite 6.x Installation/Upgrade/Update Issues.

Root Cause

The package pulp-selinux-2.21.0.1-1.el7sat.noarch.rpm has a postinstall section that will install the policy modules for pulp only if SELinux is enabled in the system when the package gets installed.
```
 postinstall scriptlet (using /bin/sh):
 # Enable SELinux policy modules
 if /usr/sbin/selinuxenabled ; then
 /usr/share/pulp/selinux/server/enable.sh /usr/share
 fi
```
Installing the satellite package will pull pulp-selinux package as a dependecy and switching SELinux from disabled to enabled(before running the satellite-installer) will cause the satellite-installer to fail with the above error.

Diagnostic Steps

Run the below command to see if the selinux modules for pulp are loaded in the system:
```
 semodule -l |grep pulp
```
If the above command returns nothing, it means the SELinux policy modules are not loaded.

The satellite-installer will log the below error message in /var/log/foreman-installer/satellite.log:

    /Stage[main]/Pulp::Config/Selboolean[pulp_manage_puppet]: Could not evaluate: Execution of '/usr/sbin/getsebool pulp_manage_puppet' returned 255: Error getting active value for pulp_manage_puppet
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/execution.rb:295:in `execute'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/provider/command.rb:23:in `execute'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/provider.rb:223:in `block in has_command'

Also, make sure Red Hat Satellite and Capsule has umask set to 0022
```
 # umask
  0022
```

SBR

SysMgmt

Product(s)

Red Hat Satellite

Components

Category

Troubleshoot

Tags

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.