The switch to 'cat' was added to resolve the following selinux errors: avc: denied { write } for pid=XXXX comm="groupadd" path="/tmp/yum.temp.XXXXXXXXXX" dev=sda2 ino=XXXXXXX scontext=user_u:system_r:groupadd_t:s0 tcontext=user_u:object_r:tmp_t:s0 tclass=file avc: denied { write } for pid=XXXX comm="restorecon" path="/tmp/yum.temp.XXXXXXXXXX" dev=sda2 ino=XXXXXXX scontext=user_u:system_r:restorecon_t:s0 tcontext=user_u:object_r:tmp_t:s0 tclass=file avc: denied { write } for pid=XXXX comm="rpc.statd" path="/tmp/yum.temp.XXXXXXXXXX" dev=sda2 ino=XXXXXXX scontext=user_u:system_r:rpcd_t:s0 tcontext=user_u:object_r:tmp_t:s0 tclass=file avc: denied { write } for pid=XXXX comm="semodule" path="/tmp/yum.temp.XXXXXXXXXX" dev=sda2 ino=XXXXXXX scontext=user_u:system_r:semanage_t:s0 tcontext=user_u:object_r:tmp_t:s0 tclass=file avc: denied { write } for pid=XXXX comm="tzdata-update" path="/tmp/yum.temp.XXXXXXXXXX" dev=sda2 ino=XXXXXXX scontext=user_u:system_r:tzdata_t:s0 tcontext=user_u:object_r:tmp_t:s0 tclass=file avc: denied { write } for pid=XXXX comm="useradd" path="/tmp/yum.temp.XXXXXXXXXX" dev=sda2 ino=XXXXXXX scontext=user_u:system_r:useradd_t:s0 tcontext=user_u:object_r:tmp_t:s0 tclass=file These didn't prevent the execution of the commands, but did interfere with the logging to the tempfile. The issue was reported by Gilles Detillieux in Oct 2012 and included a patch (currently applied). I fear the provided suggestion doesn't quite solve the issue of being unable to check the exit code of yum: ------------------------------ #!/bin/bash { yum --disablerepo=* install kedddrnel stat=$? } 2>&1 | cat > /tmp/asdf echo "RC: $?" echo "stat: $stat" # cleanup temp file rm -f /tmp/asdf #---------------------------- Still researching...... Pat On 11/18/2013 10:56 AM, Elias Persson wrote: > Not really, given the use case (send mail with output in case of > errors). Not sure why the cat is necessary, but if it really is, > something like: > > { > yum ... > status=$? > } 2>&1 | cat ... > > should probably do. > > On 2013-11-18 17:09, Paul Robert Marino wrote: >> the logger command may be a better choice than a static file. >> >> >> On Mon, Nov 18, 2013 at 9:19 AM, Pat Riehecky <[log in to unmask]> wrote: >>> Let me look into it. >>> >>> Pat >>> >>> >>> On 11/15/2013 07:19 PM, William Taylor wrote: >>>> >>>> In /etc/cron.daily/yum-autoupdate if yum exits with an error it will >>>> never be considered an >>>> error because cat will exit with no error. This results with errors >>>> not >>>> being processed and >>>> emails not going out. Can this be re-written to not rely on cat so >>>> this >>>> won't happen ? >>>> >>>> /usr/bin/yum -c $TEMPCONFIGFILE -e 0 -d 1 -y $SECURITY update 2>&1 >>>> | cat >>>>> >>>>> $TEMPFILE >>>> >>>> >>>> Thanks, >>>> William >>> >>> >>> >>> -- >>> Pat Riehecky >>> >>> Scientific Linux developer >>> http://www.scientificlinux.org/ -- Pat Riehecky Scientific Linux developer http://www.scientificlinux.org/