-
Bug
-
Resolution: Done
-
Critical
-
rhel-8.8.0
-
None
-
None
-
Critical
-
rhel-security-selinux
-
ssg_security
-
None
-
False
-
False
-
-
No
-
Red Hat Enterprise Linux
-
None
-
None
-
None
-
Unspecified Release Note Type - Unknown
-
-
x86_64
-
None
What were you trying to do that didn't work?
Post installation of Minimal UEFI RHEL 8.8 with ANSSI-BP-028 (high) profile, system fails to boot in emergency mode
How reproducible:
- Install VM using RHEL8.8 DVD ISO in UEFI mode
- Select DISK and configure custom layout as required by ANSSI-BP-028 (high) security profile.
- Select minimal software install.
- Select ANSSI-BP-028 (high) security profile
- Setup network configuration.
- Change root password and begin install.
- Reboot VM.
Expected results
System should boot normally without any issue
Actual results
System fails in emergency mode unable to mount /boot/efi
Additional Information
- The only reason system failed to boot as /boot/efi failed to mount.
- System boots fine when selinux is disabled. (Booting with parameter selinux=0)
- Same issue is observed even in old version RHEL 8.7
- When tried manually loading vfat module shows below error:
# modprobe -vvv vfat modprobe: INFO: custom logging function 0x55c3d23bff70 registered modprobe: INFO: Failed to insert module '/lib/modules/4.18.0-425.3.1.el8.x86_64/kernel/fs/fat/fat.ko.xz': Operation not permitted modprobe: ERROR: could not insert 'vfat': Operation not permitted modprobe: INFO: context 0x55c3d36a74a0 released insmod /lib/modules/4.18.0-425.3.1.el8.x86_64/kernel/fs/fat/fat.ko.xz
- account is impacted by
-
-
- Closed
-
