 
| Subject: | |
| From: | |
| Reply To: | |
| Date: | Mon, 18 Nov 2013 15:38:46 -0500 |
| Content-Type: | text/plain |
| Parts/Attachments: |
|
|
well if you want that then you need to create a bash script for cron to execute
in the script you put the output of the yum command to a variable via
a back tick and then you use an if statement to check the results of
$? to determine whether to echo the contents of the variable to
standard out triggering cron to send an email, or to unset the
variable and exit.
On Mon, Nov 18, 2013 at 3:10 PM, Pat Riehecky <[log in to unmask]> wrote:
> The switch to 'cat' was added to resolve the following selinux errors:
>
> avc: denied { write } for pid=XXXX comm="groupadd"
> path="/tmp/yum.temp.XXXXXXXXXX" dev=sda2 ino=XXXXXXX
> scontext=user_u:system_r:groupadd_t:s0 tcontext=user_u:object_r:tmp_t:s0
> tclass=file
> avc: denied { write } for pid=XXXX comm="restorecon"
> path="/tmp/yum.temp.XXXXXXXXXX" dev=sda2 ino=XXXXXXX
> scontext=user_u:system_r:restorecon_t:s0 tcontext=user_u:object_r:tmp_t:s0
> tclass=file
> avc: denied { write } for pid=XXXX comm="rpc.statd"
> path="/tmp/yum.temp.XXXXXXXXXX" dev=sda2 ino=XXXXXXX
> scontext=user_u:system_r:rpcd_t:s0 tcontext=user_u:object_r:tmp_t:s0
> tclass=file
> avc: denied { write } for pid=XXXX comm="semodule"
> path="/tmp/yum.temp.XXXXXXXXXX" dev=sda2 ino=XXXXXXX
> scontext=user_u:system_r:semanage_t:s0 tcontext=user_u:object_r:tmp_t:s0
> tclass=file
> avc: denied { write } for pid=XXXX comm="tzdata-update"
> path="/tmp/yum.temp.XXXXXXXXXX" dev=sda2 ino=XXXXXXX
> scontext=user_u:system_r:tzdata_t:s0 tcontext=user_u:object_r:tmp_t:s0
> tclass=file
> avc: denied { write } for pid=XXXX comm="useradd"
> path="/tmp/yum.temp.XXXXXXXXXX" dev=sda2 ino=XXXXXXX
> scontext=user_u:system_r:useradd_t:s0 tcontext=user_u:object_r:tmp_t:s0
> tclass=file
>
>
> These didn't prevent the execution of the commands, but did interfere with
> the logging to the tempfile. The issue was reported by Gilles Detillieux in
> Oct 2012 and included a patch (currently applied).
>
>
> I fear the provided suggestion doesn't quite solve the issue of being unable
> to check the exit code of yum:
>
> ------------------------------
> #!/bin/bash
>
> {
> yum --disablerepo=* install kedddrnel
> stat=$?
> } 2>&1 | cat > /tmp/asdf
> echo "RC: $?"
>
> echo "stat: $stat"
>
> # cleanup temp file
> rm -f /tmp/asdf
> #----------------------------
>
>
> Still researching......
>
>
> Pat
>
>
>
> On 11/18/2013 10:56 AM, Elias Persson wrote:
>>
>> Not really, given the use case (send mail with output in case of errors).
>> Not sure why the cat is necessary, but if it really is, something like:
>>
>> {
>> yum ...
>> status=$?
>> } 2>&1 | cat ...
>>
>> should probably do.
>>
>> On 2013-11-18 17:09, Paul Robert Marino wrote:
>>>
>>> the logger command may be a better choice than a static file.
>>>
>>>
>>> On Mon, Nov 18, 2013 at 9:19 AM, Pat Riehecky <[log in to unmask]> wrote:
>>>>
>>>> Let me look into it.
>>>>
>>>> Pat
>>>>
>>>>
>>>> On 11/15/2013 07:19 PM, William Taylor wrote:
>>>>>
>>>>>
>>>>> In /etc/cron.daily/yum-autoupdate if yum exits with an error it will
>>>>> never be considered an
>>>>> error because cat will exit with no error. This results with errors not
>>>>> being processed and
>>>>> emails not going out. Can this be re-written to not rely on cat so this
>>>>> won't happen ?
>>>>>
>>>>> /usr/bin/yum -c $TEMPCONFIGFILE -e 0 -d 1 -y $SECURITY update 2>&1 |
>>>>> cat
>>>>>>
>>>>>>
>>>>>> $TEMPFILE
>>>>>
>>>>>
>>>>>
>>>>> Thanks,
>>>>> William
>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> Pat Riehecky
>>>>
>>>> Scientific Linux developer
>>>> http://www.scientificlinux.org/
>
>
>
> --
> Pat Riehecky
>
> Scientific Linux developer
> http://www.scientificlinux.org/
|
|
|
