isenberg
I'm new here

Using Deployment over rsync-ssh on Red Hat Enterprise Linux with SELinux enabled

Using Deployment over rsync-ssh on

Red Hat Enterprise Linux with SELinux enabled

This addendum complements:

    PDF: FirstSpirit Manual for Administrators

    Chapters: 10 Secure deployment via rsync and ssh

Problem:

If SELinux (Security Enhanced Linux) is enabled on Red Hat Enterprise Linux (RHEL) or a comparable Linux system, the deployment task over rsync and ssh started within FirstSpirit to an external webserver fails with exitcode 12. The following error message is shown in firstspirit5/log/fs-server.log:

ERROR 30.04.2014 14:48:14.289 {pID=2722,uID=0,seID=2913} (de.espirit.firstspirit.impl.access.ScriptContextImpl): rsync-ssh-Deployment for project "Testproject":
failed with exitcode 12 for WrapperManager.exec(
rsync -vcrt -e ssh  -oBatchMode=yes -oStrictHostKeyChecking=no -l webuser /opt/firstspirit5/web/fs5staging/2722/2913/ webhost:/webpath) 

Solution:

Verify if SELinux is enabled on both hosts, the FirstSpirit-Server and the deployment target, the webserver host:

$ sestatus

If it is enabled, disable it:

$ vi /etc/selinux/config


replace

SELINUX=enabled

with

SELINUX=disabled

and

reboot

Explanation:

SELinux cannot decide if rsync is used in client oder server mode. Read http://danwalsh.livejournal.com/61646.html for more details.