Our team is attempting a fresh install of Ondemand 1.8 on CentOS8. We are running into an issue when trying to install the ondemand-selinux RPM.
yum install ondemand-selinux
Last metadata expiration check: 1:38:58 ago on Wed 20 Jan 2021 01:57:40 PM EST.
Error:
Problem: cannot install the best candidate for the job
- nothing provides policycoreutils-python needed by ondemand-selinux-1.8.18-1.el8.x86_64
(try to add '--skip-broken' to skip uninstallable packages or '--nobest' to use not only best candidate packages)
Thanks! It was renamed in el8, I can confirm in a centos:8 container. @tdockendorf FYI. We need to release a 1.8 update anyhow, so this will have to be included in it.
Seems like you could try to --skip-broken and install policycoreutils-python-utils. That may seem like the best bet.
The other route is to make a new ondemand-selinux package from ours, calling it maybe psc-ondemand-selinux (so we don’t have conflicts) and adding the right package. It’s not impossible, but probably going to cause conflicts and head-aches down the road, so I wouldn’t recommend it.
With the former approach you’re saying “install this thing, yes I know it has a bad dependency but I’m quite sure I have actually met the dependencies by installing the right package”. So it should work, just install python utils first.
Though @tdockendorf may have a better solution for you.
The resulting RPMs will be in /tmp/output/el8 and will NOT be GPG signed. You could then use that produced ondemand-selinux and it will get upgraded when we release next 1.8 release. The build process only needs Docker so you can build on anything that understands bash and docker.
Had to make a few modifications to get that install to work appropriately. The following is a list of the changes that were made (so that you may review and potentially make modifications in a future release):
ondemand/packaging/ondemand.spec - Removed the >= %{selinux_policy_ver}. This was causing issues during the install.
ondemand-packaging/build/Rakefile - Had to comment out line 132 as the packager was throwing errors here.
Thank you again for all of the help! Looking forward to being able to do a fresh install with the latest release once these changes are merged.
The issue with GPG signing for ondemand-packaging is a bug when GPG signing is disabled. Fixed with these pull requests:
The issue with ondemand.spec I can not reproduce. I just built a 1.8.18-2 RPM and when I go to install ondemand-selinux into CentOS 8 docker it pulls in the dependency for selinux-policy with version 3.14.3-54.el8. My RPM shows it depends on a version that is available:
My guess for your issue is maybe you are using local copies of CentOS or RHEL repos where your available version of selinux-policy is older than what was used to build the RPM inside the Docker container.