Bug
Resolution: Done-Errata
Normal
crypto-policies-20240202-1.git283706d.el9
rhel-sst-security-crypto
ssg_security
Crypto24Q1
(SanityOnly) reporter confirms that the fix is working for their use-case
Pass
Not Needed
RegressionOnly
Release Note Not Required
What were you trying to do that didn't work?
Anaconda installer is trying to set up FIPS system mode by running fips-mode-setup --enable --no-bootcfg in a chroot environment which contains an ostree-based filesystem.
Please provide the package NVR for which bug is seen:
crypto-policies-scripts-20231113-1.gite9247c2.el9.noarch
How reproducible:
Always
Steps to reproduce
- Create an ostree commit and serve it over http (or an ostree container)
- Use anaconda installer to deploy that commit with "ostreesetup"
  This can be done by providing a kickstart file at boot time with the following content "ostreesetup --osname=rhel --url=http://host.example.com/repo --ref=rhel/9/x86_64/edge --nogpg" where the url param corresponds to the root of the ostree commit served on step 1. Make sure fips=1 inst.ks=... kernel parameters are passed at boot time.
- Provide the information required by the installer, perform the installation and reboot.
- Log in and check an initramfs file is present in the /boot directory.
Expected results:
ostree is detected correctly and no initramfs regeneration is triggered.
Actual results
ostree is not detected correctly and a new initramfs generation is triggered.
Additional information
This seems to work in Fedora and, although the ostree is not detected properly either, it makes some additional checks that prevent the initramfs regeneration, mainly because of https://gitlab.com/redhat-crypto/fedora-crypto-policies/-/commit/a782a5578b3ef67d9bf6d8e6999807183f8e3ebc
- links to
  RHEA-2023:120978 crypto-policies bug fix and enhancement update