[英]/usr/bin/systemctl start openstack-nova-api failed
Getting error when installing packstack.安装 packstack 时出错。
ERROR : Error appeared during Puppet run: x.x.x.x_api_nova.pp
Error: Could not start Service[nova-api]: Execution of '/usr/bin/systemctl start openstack-nova-api' returned 1: Job for openstack-nova-api.service failed because the control process exited with error code. See "systemctl status openstack-nova-api.service" and "journalctl -xe" for details.
You will find full trace in log /var/tmp/packstack/20160426-103906-Zre0yo/manifests/x.x.x.x_api_nova.pp.log'
Apr 26 10:50:13 localhost.localdomain systemd[1]: Unit openstack-nova-api.service entered failed state.
Apr 26 10:50:13 localhost.localdomain systemd[1]: openstack-nova-api.service failed.
Apr 26 10:50:13 localhost.localdomain setroubleshoot[6359]: SELinux is preventing /usr/bin/python2.7 from getattr access on the file /usr/bin/rpm. For comple
Apr 26 10:50:13 localhost.localdomain python[6359]: SELinux is preventing /usr/bin/python2.7 from getattr access on the file /usr/bin/rpm.
***** Plugin catchall (100. confidence) suggests **************************
If you believe that python2.7 should be allowed getattr access on the rpm file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep nova-novncproxy /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp
Apr 26 10:50:13 localhost.localdomain systemd[1]: openstack-nova-api.service holdoff time over, scheduling restart.
Apr 26 10:50:13 localhost.localdomain systemd[1]: Starting OpenStack Nova API Server...
-- Subject: Unit openstack-nova-api.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit openstack-nova-api.service has begun starting up.
Apr 26 10:50:15 localhost.localdomain python2[9047]: detected unhandled Python exception in '/usr/bin/nova-api'
Apr 26 10:50:15 localhost.localdomain nova-api[9047]: error: cannot open Packages database in /var/lib/rpm
Apr 26 10:50:15 localhost.localdomain nova-api[9047]: Traceback (most recent call last):
Apr 26 10:50:15 localhost.localdomain nova-api[9047]: File "/usr/bin/nova-api", line 10, in <module>
Apr 26 10:50:15 localhost.localdomain nova-api[9047]: sys.exit(main())
Apr 26 10:50:15 localhost.localdomain nova-api[9047]: File "/usr/lib/python2.7/site-packages/nova/cmd/api.py", line 41, in main
Apr 26 10:50:15 localhost.localdomain nova-api[9047]: config.parse_args(sys.argv)
Apr 26 10:50:15 localhost.localdomain nova-api[9047]: File "/usr/lib/python2.7/site-packages/nova/config.py", line 65, in parse_args
Apr 26 10:50:15 localhost.localdomain nova-api[9047]: default_config_files=default_config_files)
Apr 26 10:50:15 localhost.localdomain nova-api[9047]: File "/usr/lib/python2.7/site-packages/oslo_config/cfg.py", line 2171, in __call__
Apr 26 10:50:15 localhost.localdomain nova-api[9047]: self._namespace._files_permission_denied)
Apr 26 10:50:15 localhost.localdomain nova-api[9047]: oslo_config.cfg.ConfigFilesPermissionDeniedError: Failed to open some config files: /etc/nova/nova.conf
Apr 26 10:50:15 localhost.localdomain setroubleshoot[6359]: SELinux is preventing /usr/bin/python2.7 from getattr access on the file /usr/bin/rpm. For comple
Apr 26 10:50:15 localhost.localdomain python[6359]: SELinux is preventing /usr/bin/python2.7 from getattr access on the file /usr/bin/rpm.
***** Plugin catchall (100. confidence) suggests **************************
If you believe that python2.7 should be allowed getattr access on the rpm file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep nova-novncproxy /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp
Apr 26 10:50:15 localhost.localdomain systemd[1]: openstack-nova-api.service: main process exited, code=exited, status=1/FAILURE
Apr 26 10:50:15 localhost.localdomain systemd[1]: Failed to start OpenStack Nova API Server.
-- Subject: Unit openstack-nova-api.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit openstack-nova-api.service has failed.
--
-- The result is failed.
Apr 26 10:50:15 localhost.localdomain systemd[1]: Unit openstack-nova-api.service entered failed state.
Apr 26 10:50:15 localhost.localdomain systemd[1]: openstack-nova-api.service failed.
'
From the logs it looks like an SELinux issue: SELinux is preventing /usr/bin/python2.7 from getattr access on the file /usr/bin/rpm
从日志看来,这是一个 SELinux 问题:
SELinux is preventing /usr/bin/python2.7 from getattr access on the file /usr/bin/rpm
You can either disable selinux or use audit2allow to get the permissions it needs and add it with sedmodule
.您可以禁用 selinux 或使用 audit2allow 获取所需的权限并将其添加到
sedmodule
。 It says what to run in the logs:它说明了要在日志中运行的内容:
# grep nova-novncproxy /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.