Ansible modules copy/template errors for Linux 5 hosts using python26 ,python binding libselinux-python needed

Archives Ansible Project
1

Hello Ladies & Gentlemen,

We have some 50 odd linux 5 hosts, and to manage that we use ansible.

Problem :- Ansible modules copy/template errors for Linux 5 hosts using python26 ,python binding libselinux-python needed

Actual error :- fatal : FAILED! => {“changed”: false, “msg”: “Aborting, target uses selinux but python bindings (libselinux-python) aren’t installed!”}

Environment:-

Ansible Master node : - EL7
Selinux enabled
libselinux-python : installed libselinux-python.x86_64 0:2.5-14.1.el7

Node :- EL 5
Selinux enabled
Using ansible_python_interpreter=/usr/bin/python26
libselinux-python : installed libselinux-python-1.33.4-5.7.el5.x86_64

Description:-

I see the problem

With default Python …

selinux]# python
Python 2.4.3 (#1, May 5 2011, 15:12:27)
[GCC 4.1.2 20080704 (Red Hat 4.1.2-50)] on linux2
Type "help", "copyright", "credits" or "license" for more information.

import selinux
selinux.is_selinux_enabled()
1

And with python26

[root@dev-bozo21 selinux]# python26
Python 2.6.8 (unknown, Nov 7 2012, 14:47:45)
[GCC 4.1.2 20080704 (Red Hat 4.1.2-52)] on linux2
Type "help", "copyright", "credits" or "license" for more information.

import selinux
Traceback (most recent call last):
File "", line 1, in 
ImportError: No module named selinux

I tried copying

“/usr/lib64/python2.4/site-packages/selinux to /usr/lib64/python2.6/site-packages/selinux ( this was empty earlier)”

it throws this error

python26
Python 2.6.8 (unknown, Nov 7 2012, 14:47:45)
[GCC 4.1.2 20080704 (Red Hat 4.1.2-52)] on linux2
Type "help", "copyright", "credits" or "license" for more information.

import selinux
Traceback (most recent call last):
File "", line 1, in 
File "/usr/lib64/python2.6/site-packages/selinux/init.py", line 5, in 
import _selinux
ImportError: /usr/lib64/python2.6/site-packages/selinux/_selinux.so: undefined symbol: Py_InitModule4

And when copying

“/usr/lib64/python2.7/site-packages/selinux/init.py” ( from different centos 7 node) to /usr/lib64/python2.6/site-packages/selinux/

I get below error

2

Hi Prakash,

you have three options here:

1) disable selinux in /etc/selinux/config

Then you don't need libselinux-python at all

2) use ansible <= 2.3 for management of the RHEL 5 systems

Then you still can use python 2.4 provided by RHEL 5

3) build libselinux-python for python2.6 yourself

THIS PROBABLY VOIDS YOUR SUPPORT FROM RED HAT, so I wouldn't recommend this.

This one requires all your RHEL 5 servers to have the same version of
SELinux and you'll probably want to build this in a chroot or on a
dedicated build host.

The steps would be

* enable the source repo
* download and install the source rpm for libselinux
* install the build dependencies (and python26-devel)
* change the spec file so the resulting python package is not called
libselinux-python but libselinux-python26
* link /usr/bin/python to /usr/bin/python26
* build the new rpms

You should be able to only install the libselinux-python26 package (as
you didn't change the version of anything else) alongside the normal
libselinux-python from redhat.

Then ansible with ansible_python_interpreter=/usr/bin/python26 would
pick up the self-built libselinux-python26 and everything else should
still be using the system libselinux-python.

Sebastian

3

Thanks Sebastian, one of the best replies I have received from community . Keep up the good work.