Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

swtpm fails due to selinux on ucore-hci #190

Closed
bsherman opened this issue Aug 24, 2024 · 0 comments · Fixed by #192
Closed

swtpm fails due to selinux on ucore-hci #190

bsherman opened this issue Aug 24, 2024 · 0 comments · Fixed by #192
Assignees
@bsherman
Labels
bug Something isn't working

Comments

@bsherman
Copy link
Collaborator 

Aug 24 13:11:02 glend setroubleshoot[46820]: SELinux is preventing rpc-virtqemud from create access on the directory swtpm. For complete SELinux messages run: sealert ->
Aug 24 13:11:02 glend setroubleshoot[46820]: SELinux is preventing rpc-virtqemud from create access on the directory swtpm.
                                             
                                             *****  Plugin catchall (100. confidence) suggests   **************************
                                             
                                             If you believe that rpc-virtqemud should be allowed create access on the swtpm directory by default.
                                             Then you should report this as a bug.
                                             You can generate a local policy module to allow this access.
                                             Do
                                             allow this access for now by executing:
                                             # ausearch -c 'rpc-virtqemud' --raw | audit2allow -M my-rpcvirtqemud
                                             # semodule -X 300 -i my-rpcvirtqemud.pp

This is a known issue which is solved in bluefin/bazzite by adding a swtpm-workaround service.
@bsherman bsherman added the bug Something isn't working label Aug 24, 2024
bsherman added a commit that referenced this issue Aug 24, 2024
@bsherman
fix: swtpm and libvirt selinux issues on ucore-hci
c159517 
Fixes: #190

I've run into the swtpm issue on my ucore installs and others have hit
libvirt log dir issues. These workarounds were already present in
Bluefin. Borrowed the fixes from there.
@bsherman bsherman self-assigned this Aug 24, 2024
@bsherman bsherman linked a pull request Aug 24, 2024 that will close this issue
fix: various selinux issues #192
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@bsherman bsherman

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: various selinux issues ublue-os/ucore
1 participant
@bsherman