-
Bug
-
Resolution: Done-Errata
-
Normal
-
CentOS Stream 9
-
selinux-policy-38.1.44-1.el9
-
None
-
None
-
rhel-sst-security-selinux
-
ssg_security
-
27
-
None
-
False
-
-
No
-
None
-
Unspecified Release Note Type - Unknown
-
None
What were you trying to do that didn't work?
Use coreos-installer as part of our tests.
Please provide the package NVR for which bug is seen:
selinux-policy-38.1.37-1.el9
How reproducible:
Always
Steps to reproduce
- Build a CentOS Stream CoreOS live ISO using coreos-assembler
- Run any of the `kola testiso` install tests
(I can provide more detailed steps if you'd like to reproduce this yourself.)
Expected results
Tests pass
Actual results
Tests fail
You can see all the denials encountered in https://github.com/openshift/os/issues/1514. As mentioned there, this appears to be a regression from https://github.com/fedora-selinux/selinux-policy/commit/55e9ed8edf (https://issues.redhat.com/browse/RHEL-22173). Reverting to selinux-policy-38.1.36-1.el9 makes the tests pass.
- blocks
-
COS-2811 Do a final review of permissive SELinux modules
- New
-
COS-2842 Stand up the c9s stream in the RHCOS pipeline
- Closed
- links to
-
RHBA-2024:130707 selinux-policy bug fix and enhancement update