Uploaded image for project: 'Fast Datapath Product'
  1. Fast Datapath Product
  2. FDP-1480

Cannot start openvswitch in image mode when selinux is enabled

XMLWordPrintable

    • Icon: Epic Epic
    • Resolution: Unresolved
    • Icon: Major Major
    • None
    • None
    • ovs-dpdk
    • None
    • Cannot start openvswitch in image mode when selinux is enabled
    • False
    • Hide

      None

      Show
      None
    • False
    • Hide

      Please mark each item below with ( / ) if completed or ( x ) if incomplete:

      ( ) The acceptance criteria defined below are met.

      Given a fresh RHEL 10 image-mode host with selinux-policy updated,

      When they run "systemctl enable --now openvswitch",

      Then the service reaches "active (running)" and the journal contains no AVC denials or "Context ... openvswitch_load_module_exec_t ... not valid".

      ( ) The epics work is available in a downstream build (nightly/Async or other)

      ( ) All cards under the epic have been moved to Done

      Show
      Please mark each item below with ( / ) if completed or ( x ) if incomplete: ( ) The acceptance criteria defined below are met. Given a fresh RHEL 10 image-mode host with selinux-policy updated, When they run "systemctl enable --now openvswitch", Then the service reaches "active (running)" and the journal contains no AVC denials or "Context ... openvswitch_load_module_exec_t ... not valid". ( ) The epics work is available in a downstream build (nightly/Async or other) ( ) All cards under the epic have been moved to Done
    • 100% To Do, 0% In Progress, 0% Done
    • Important

      This epic tracks all the effort needed to deliver the solution related to the bug described below.
      When running tests in image mode, `systemctl enable openvswitch --now` failed. Once set `setenforce 0`, it worked

      The reproducer using testing-farm

      testing-farm request -c TF=yes --git-url https://gitlab.cee.redhat.com/kernel-qe/networking/nmstate.git --compose RHEL-10.0-image-mode --git-ref sel_ovs_issue -c distro=RHEL-10.0 --test /bond_des --plan /anyhost

        1. output.txt
          275 kB

              ovsdpdk-bot ovsdpdk bot
              rh-ee-mshi1 Mingyu Shi
              SSG Security QE SSG Security QE
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Created:
                Updated: