After the upgrade to fedora-messaging-2.0.1, we started seeing a bunch of 500s coming out of resultsdb. Turns out that selinux was blocking part of the code that was emitting messages on rabbitmq. This is apparently a known issue in python-cryptography [1] and their docs say that the sebool deny_execmem needs to be off. Since this is executed by apache, this leads to httpd_execmem needing to be true. I still don't understand why this started suddenly - the underlying issue in python-cryptography has been there for a while. Either way, I'm changing the sebool for resultsdb machines to make sure it doesn't continue to cause problems for things that are submitting results to resultsdb. |
||
---|---|---|
.. | ||
main.yml |