BackgroundWe have a three-server landscape that serves our internal applications. All of them were running nginx on RHEL linux. The nginx were installed from EPEL repository packages. Two days ago I updated the nginx in one server (lets say server A) in order to repackage it after enhancing it with HttpSubsModule, during the compilation process it complains about missing kernel functionality. For the compile to be success, I updated kernel-devel and kernel packages (in server A) to the latest one. After the compilation succeeded, I copied the resulting rpm to server B and installed it.
Investigation : Eventfd not implemented
eventfd() failed (38: Function not implemented)
The root cause of this is that the nginx EPEL package doesn't correctly specify the true minimum kernel version required for it to work.yum update kernelreboot
Investigation: SELinux prevents text relocation
setroubleshoot: SELinux is preventing php from loading /opt/oracle/instantclient/libclntsh.so which requires text relocation. For complete SELinux messages. run sealert -l ac5924e8-3af4-4f26-8d79-e5eedf9d9d7a
You could see the resulting attributes on all files usingchcon -t texrel_shlib_t *.sochcon -t texrel_shlib_t *.so.10.1
ls -lZWhy this haven't occured before the kernel update? Maybe SELinux permission is gotten more restricted in recent kernels. But I am not certain about that. I wonder whether SELinux attributes could be specified in rpm packages. If that is so, a better solution for the world is that to build a better rpm package containing instant client, oci8, and required SELinux permissions. But I wonder would that violate Oracle's EULA..