Uploaded image for project: 'OpenShift Virtualization'
  1. OpenShift Virtualization
  2. CNV-28245

[2188144] Custom SELinux policy for virt_launcher still present on CNV with DisableCustomSELinuxPolicy feature gate enabled

XMLWordPrintable

    • Medium
    • None

      Description of problem:
      On a fresh installed cluster I have feature gate added to kubevirt:

      > $ oc describe kubevirt -n openshift-cnv | grep DisableCustomSELinuxPolicy
      > DisableCustomSELinuxPolicy

      but custom policy still present on nodes:

      > $ sh-5.1# semodule -l | grep virt_launcher
      > virt_launcher

      Version-Release number of selected component (if applicable):
      4.13

      How reproducible:
      100%

      Steps to Reproduce:
      1. Install CNV
      2. Check feature gate added by default
      3. check custom selinux policy

      Actual results:
      custom selinux policy for virt_launcher exists

      Expected results:
      no custom selinux policy for virt_launcher

      Additional info:

              jelejosne Jed Lejosne
              dshchedr@redhat.com Denys Shchedrivyi
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: