Gitlab Omnibus - 安装问题 - CentOS 7 (SELinux)
Gitlab Omnibus - Installation Problems - CentOS 7 (SELinux)
我正在 CentOS 7(最小)上安装 gitlab-ce (8.17.2)。基本安装后,sudo gitlab-ctl reconfigure 给我这个错误:
Error executing action run on resource 'execute[semodule -i /opt/gitlab/embedded/selinux/rhel/7/gitlab-7.2.0-ssh-keygen.pp]'
详情(到目前为止我做了什么):
我先installed/executed以下依赖:
yum check-update
sudo yum install curl policycoreutils openssh-server openssh-clients
sudo systemctl enable sshd
sudo systemctl start sshd
sudo yum install postfix
sudo systemctl enable postfix
sudo systemctl start postfix
sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https
sudo systemctl reload firewalld
然后我使用以下命令安装了 gitlab (omnibus):
curl -sS https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh | sudo bash
sudo yum install gitlab-ce
这安装了最新的可用版本 8.17.2。
我还没有自定义 /etc/gitlab/gitlab.rb。当我尝试使用以下方式重新配置 gitlab 时:
sudo gitlab-ctl reconfigure
我收到以下错误:
Recipe: gitlab::selinux
* execute[semodule -i /opt/gitlab/embedded/selinux/rhel/7/gitlab-7.2.0-ssh-keygen.pp] action runsemodule: relocation error: semodule: symbol semanage_module_info_get_version, version LIBSEMANAGE_1.1 not defined in file libsemanage.so.1 with link time reference
[execute] semodule: relocation error: semodule: symbol semanage_module_info_get_version, version LIBSEMANAGE_1.1 not defined in file libsemanage.so.1 with link time reference
================================================================================
Error executing action `run` on resource 'execute[semodule -i /opt/gitlab/embedded/selinux/rhel/7/gitlab-7.2.0-ssh-keygen.pp]'
================================================================================
Mixlib::ShellOut::ShellCommandFailed
------------------------------------
Expected process to exit with [0], but received '127'
---- Begin output of semodule -i /opt/gitlab/embedded/selinux/rhel/7/gitlab-7.2.0-ssh-keygen.pp ----
STDOUT:
STDERR: semodule: relocation error: semodule: symbol semanage_module_info_get_version, version LIBSEMANAGE_1.1 not defined in file libsemanage.so.1 with link time reference
---- End output of semodule -i /opt/gitlab/embedded/selinux/rhel/7/gitlab-7.2.0-ssh-keygen.pp ----
Ran semodule -i /opt/gitlab/embedded/selinux/rhel/7/gitlab-7.2.0-ssh-keygen.pp returned 127
Resource Declaration:
---------------------
# In /opt/gitlab/embedded/cookbooks/cache/cookbooks/gitlab/recipes/selinux.rb
20: execute "semodule -i /opt/gitlab/embedded/selinux/rhel/7/#{ssh_keygen_module}.pp" do
21: not_if "getenforce | grep Disabled"
22: not_if "semodule -l | grep '^#{ssh_keygen_module}\s'"
23: end
24: end
Compiled Resource:
------------------
# Declared in /opt/gitlab/embedded/cookbooks/cache/cookbooks/gitlab/recipes/selinux.rb:20:in `from_file'
execute("semodule -i /opt/gitlab/embedded/selinux/rhel/7/gitlab-7.2.0-ssh-keygen.pp") do
action [:run]
retries 0
retry_delay 2
default_guard_interpreter :execute
command "semodule -i /opt/gitlab/embedded/selinux/rhel/7/gitlab-7.2.0-ssh-keygen.pp"
backup 5
returns 0
declared_type :execute
cookbook_name "gitlab"
recipe_name "selinux"
not_if "getenforce | grep Disabled"
not_if "semodule -l | grep '^gitlab-7.2.0-ssh-keygen\s'"
end
Platform:
---------
x86_64-linux
Running handlers:
Running handlers complete
Chef Client failed. 3 resources updated in 03 seconds
Note that in the following file:
/etc/sysconfig/selinux
If I change SELINUX=enforcing to disabled and try reconfiguring, it works just fine. But I was expecting it to work without doing this. It worked just fine a couple of weeks back with version gitlab 8.16.0. Now, even if I install 8.0.16, I still get the same error. What am I missing?
解决方法是安装以下内容来管理 SELinux:
sudo yum install libsemanage-static libsemanage-devel
文档没有在这里提到这个:https://about.gitlab.com/downloads/#centos7
问题请看这里:https://gitlab.com/gitlab-org/omnibus-gitlab/issues/2051
我正在 CentOS 7(最小)上安装 gitlab-ce (8.17.2)。基本安装后,sudo gitlab-ctl reconfigure 给我这个错误:
Error executing action
runon resource 'execute[semodule -i /opt/gitlab/embedded/selinux/rhel/7/gitlab-7.2.0-ssh-keygen.pp]'
详情(到目前为止我做了什么):
我先installed/executed以下依赖:
yum check-update
sudo yum install curl policycoreutils openssh-server openssh-clients
sudo systemctl enable sshd
sudo systemctl start sshd
sudo yum install postfix
sudo systemctl enable postfix
sudo systemctl start postfix
sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https
sudo systemctl reload firewalld
然后我使用以下命令安装了 gitlab (omnibus):
curl -sS https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh | sudo bash
sudo yum install gitlab-ce
这安装了最新的可用版本 8.17.2。
我还没有自定义 /etc/gitlab/gitlab.rb。当我尝试使用以下方式重新配置 gitlab 时:
sudo gitlab-ctl reconfigure
我收到以下错误:
Recipe: gitlab::selinux
* execute[semodule -i /opt/gitlab/embedded/selinux/rhel/7/gitlab-7.2.0-ssh-keygen.pp] action runsemodule: relocation error: semodule: symbol semanage_module_info_get_version, version LIBSEMANAGE_1.1 not defined in file libsemanage.so.1 with link time reference
[execute] semodule: relocation error: semodule: symbol semanage_module_info_get_version, version LIBSEMANAGE_1.1 not defined in file libsemanage.so.1 with link time reference
================================================================================
Error executing action `run` on resource 'execute[semodule -i /opt/gitlab/embedded/selinux/rhel/7/gitlab-7.2.0-ssh-keygen.pp]'
================================================================================
Mixlib::ShellOut::ShellCommandFailed
------------------------------------
Expected process to exit with [0], but received '127'
---- Begin output of semodule -i /opt/gitlab/embedded/selinux/rhel/7/gitlab-7.2.0-ssh-keygen.pp ----
STDOUT:
STDERR: semodule: relocation error: semodule: symbol semanage_module_info_get_version, version LIBSEMANAGE_1.1 not defined in file libsemanage.so.1 with link time reference
---- End output of semodule -i /opt/gitlab/embedded/selinux/rhel/7/gitlab-7.2.0-ssh-keygen.pp ----
Ran semodule -i /opt/gitlab/embedded/selinux/rhel/7/gitlab-7.2.0-ssh-keygen.pp returned 127
Resource Declaration:
---------------------
# In /opt/gitlab/embedded/cookbooks/cache/cookbooks/gitlab/recipes/selinux.rb
20: execute "semodule -i /opt/gitlab/embedded/selinux/rhel/7/#{ssh_keygen_module}.pp" do
21: not_if "getenforce | grep Disabled"
22: not_if "semodule -l | grep '^#{ssh_keygen_module}\s'"
23: end
24: end
Compiled Resource:
------------------
# Declared in /opt/gitlab/embedded/cookbooks/cache/cookbooks/gitlab/recipes/selinux.rb:20:in `from_file'
execute("semodule -i /opt/gitlab/embedded/selinux/rhel/7/gitlab-7.2.0-ssh-keygen.pp") do
action [:run]
retries 0
retry_delay 2
default_guard_interpreter :execute
command "semodule -i /opt/gitlab/embedded/selinux/rhel/7/gitlab-7.2.0-ssh-keygen.pp"
backup 5
returns 0
declared_type :execute
cookbook_name "gitlab"
recipe_name "selinux"
not_if "getenforce | grep Disabled"
not_if "semodule -l | grep '^gitlab-7.2.0-ssh-keygen\s'"
end
Platform:
---------
x86_64-linux
Running handlers:
Running handlers complete
Chef Client failed. 3 resources updated in 03 seconds
Note that in the following file:
/etc/sysconfig/selinuxIf I change SELINUX=enforcing to disabled and try reconfiguring, it works just fine. But I was expecting it to work without doing this. It worked just fine a couple of weeks back with version gitlab 8.16.0. Now, even if I install 8.0.16, I still get the same error. What am I missing?
解决方法是安装以下内容来管理 SELinux:
sudo yum install libsemanage-static libsemanage-devel
文档没有在这里提到这个:https://about.gitlab.com/downloads/#centos7 问题请看这里:https://gitlab.com/gitlab-org/omnibus-gitlab/issues/2051