Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

F36 VM fails to display the network device information on console #1153

Closed
sohankunkerkar opened this issue Apr 5, 2022 · 13 comments · Fixed by coreos/fedora-coreos-config#1990
Closed

F36 VM fails to display the network device information on console #1153

sohankunkerkar opened this issue Apr 5, 2022 · 13 comments · Fixed by coreos/fedora-coreos-config#1990
Assignees
@aaradhak
Labels
F36 fallout/f36 jira for syncing to jira kind/bug

Comments

@sohankunkerkar
Copy link
Member

Describe the bug

FCOS-36 VM fails to display the network device information on the serial console.

Reproduction steps
Steps to reproduce the behavior:

  1. Download an FCOS QEMU image
  2. unxz fedora-coreos-36.20220325.1.0-qemu.x86_64.qcow2.xz
  3. Use virt-install to install a VM

Expected behavior

The network device information should be displayed on the console.

For e.g. ens2: 192.168.122.87 fe80::296e:b5ca:c85b:ed70

Actual behavior

The network device information is missing from the console.

System details

  • QEMU
  • Fedora CoreOS version: 36.20220325.1.0
@sohankunkerkar sohankunkerkar changed the title FCOS-36 VM fails to display the network device information on console F36 VM fails to display the network device information on console Apr 5, 2022
@aaradhak aaradhak self-assigned this Apr 13, 2022
@aaradhak aaradhak pinned this issue Apr 13, 2022
@aaradhak aaradhak unpinned this issue Apr 13, 2022
@dustymabe dustymabe mentioned this issue Apr 14, 2022
Closed
@sohankunkerkar
Copy link
Member Author

I think this issue is mostly related to #1156
As a workaround, If we set the SELinux to permissive mode, we would see the network device information on the console:

$ cosa run -c --kargs='enforcing=0'  --qemu-image fedora-coreos-36.20220325.1.0-qemu.x86_64.qcow2
Fedora CoreOS 36.20220325.1.0
Kernel 5.17.0-300.fc36.x86_64 on an x86_64 (ttyS0)

SSH host key: SHA256:QXCTTJ1XD7ATm+d7xjH0acBXiF6onkgfwcfF3klJuz0 (ECDSA)
SSH host key: SHA256:LrrKiADYVYG2Ecm2bRK1SA11ITVGu/uX101gFfa0CJ8 (ED25519)
SSH host key: SHA256:yvNdKoidNkRsiZUqbPJvh2FadFiB4r3LiBwh/US+tQU (RSA)
ens4: 10.0.2.15 fe80::c21:644a:fb6b:9bfc
Ignition: ran on 2022/04/18 20:39:37 UTC (this boot)
Ignition: user-provided config was applied

@sohankunkerkar
Copy link
Member Author

We need to write a test to verify if the network device information gets to the serial console of the machine i.e. a kola test that would fail if we encounter a similar situation in the future.

@aaradhak aaradhak added the jira for syncing to jira label Apr 25, 2022
@dustymabe
Copy link
Member

The fix for #1156 (see #1156 (comment)) appears to just lead us to another failure:

Apr 26 19:47:49 cosa-devsh NetworkManager[1298]: <info>  [1651002469.4414] manager: startup complete
Apr 26 19:47:49 cosa-devsh NetworkManager[1298]: <warn>  [1651002469.4472] dispatcher: (1) /etc/NetworkManager/dispatcher.d/90-console-login-helper-messages-gensnippet_if failed (failed): Script '/etc/NetworkManager/dispatcher.d/90-console-login-helper-messages-gensnippet_if' exited with status 126.
Apr 26 19:47:49 cosa-devsh NetworkManager[1298]: <warn>  [1651002469.4555] dispatcher: (2) /etc/NetworkManager/dispatcher.d/90-console-login-helper-messages-gensnippet_if failed (failed): Script '/etc/NetworkManager/dispatcher.d/90-console-login-helper-messages-gensnippet_if' exited with status 126.
Apr 26 19:47:49 cosa-devsh NetworkManager[1298]: <warn>  [1651002469.4601] dispatcher: (3) /etc/NetworkManager/dispatcher.d/90-console-login-helper-messages-gensnippet_if failed (failed): Script '/etc/NetworkManager/dispatcher.d/90-console-login-helper-messages-gensnippet_if' exited with status 126.
Apr 26 19:47:49 cosa-devsh NetworkManager[1298]: <warn>  [1651002469.4679] dispatcher: (4) /etc/NetworkManager/dispatcher.d/90-console-login-helper-messages-gensnippet_if failed (failed): Script '/etc/NetworkManager/dispatcher.d/90-console-login-helper-messages-gensnippet_if' exited with status 126.
Apr 26 19:47:49 cosa-devsh NetworkManager[1298]: <warn>  [1651002469.4725] dispatcher: (6) /etc/NetworkManager/dispatcher.d/90-console-login-helper-messages-gensnippet_if failed (failed): Script '/etc/NetworkManager/dispatcher.d/90-console-login-helper-messages-gensnippet_if' exited with status 126.
Apr 26 19:47:49 cosa-devsh NetworkManager[1298]: <warn>  [1651002469.4870] dispatcher: (7) /etc/NetworkManager/dispatcher.d/90-console-login-helper-messages-gensnippet_if failed (failed): Script '/etc/NetworkManager/dispatcher.d/90-console-login-helper-messages-gensnippet_if' exited with status 126.
Apr 26 19:47:49 cosa-devsh NetworkManager[1298]: <warn>  [1651002469.4922] dispatcher: (8) /etc/NetworkManager/dispatcher.d/90-console-login-helper-messages-gensnippet_if failed (failed): Script '/etc/NetworkManager/dispatcher.d/90-console-login-helper-messages-gensnippet_if' exited with status 126.
Apr 26 19:47:51 cosa-devsh NetworkManager[1298]: <info>  [1651002471.2826] policy: set 'Wired connection 1' (ens7) as default for IPv6 routing and DNS

It does still seem to be SELinux related, just a different fix than #1156 (so we'll need to file a new bug). Here is what I see if I set enforcing=0 on the kernel command line:

Apr 26 20:00:58 cosa-devsh NetworkManager[1299]: <info>  [1651003258.4559] manager: startup complete
Apr 26 20:00:58 cosa-devsh systemd[1]: Starting polkit.service - Authorization Manager...
Apr 26 20:00:58 cosa-devsh systemd-resolved[1267]: ens7: Bus client set default route setting: yes
Apr 26 20:00:58 cosa-devsh systemd-resolved[1267]: ens7: Bus client set DNS server list to: 10.0.2.3
Apr 26 20:00:58 cosa-devsh polkitd[1442]: Started polkitd version 0.120
Apr 26 20:00:58 cosa-devsh polkitd[1442]: Loading rules from directory /etc/polkit-1/rules.d
Apr 26 20:00:58 cosa-devsh polkitd[1442]: Loading rules from directory /usr/share/polkit-1/rules.d
Apr 26 20:00:58 cosa-devsh polkitd[1442]: Finished loading, compiling and executing 4 rules
Apr 26 20:00:58 cosa-devsh polkitd[1442]: Acquired the name org.freedesktop.PolicyKit1 on the system bus
Apr 26 20:00:58 cosa-devsh systemd[1]: Started polkit.service - Authorization Manager.
Apr 26 20:00:58 cosa-devsh audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=polkit comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
Apr 26 20:00:58 cosa-devsh systemd[1]: iscsi.service: Unit cannot be reloaded because it is inactive.
Apr 26 20:00:58 cosa-devsh rpm-ostree[1411]: In idle state; will auto-exit in 60 seconds
Apr 26 20:00:58 cosa-devsh systemd[1]: Started rpm-ostreed.service - rpm-ostree System Management Daemon.
Apr 26 20:00:58 cosa-devsh audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rpm-ostreed comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
Apr 26 20:00:58 cosa-devsh zincati[1380]: [INFO  zincati::cincinnati] Cincinnati service: https://updates.coreos.fedoraproject.org
Apr 26 20:00:58 cosa-devsh zincati[1380]: [INFO  zincati::cli::agent] agent running on node '447323dca5a44e389d253814be386a37', in update group 'default'
Apr 26 20:00:58 cosa-devsh audit[1503]: AVC avc:  denied  { search } for  pid=1503 comm="mv" name="contexts" dev="vda4" ino=862076 scontext=system_u:system_r:NetworkManager_dispatcher_console_t:s0 tcontext=system_u:object_r:default_context_t:s0 tclass=dir permissive=1
Apr 26 20:00:58 cosa-devsh audit[1503]: AVC avc:  denied  { search } for  pid=1503 comm="mv" name="files" dev="vda4" ino=1056953 scontext=system_u:system_r:NetworkManager_dispatcher_console_t:s0 tcontext=system_u:object_r:file_context_t:s0 tclass=dir permissive=1
Apr 26 20:00:58 cosa-devsh audit[1503]: AVC avc:  denied  { read } for  pid=1503 comm="mv" name="file_contexts.subs_dist" dev="vda4" ino=1056960 scontext=system_u:system_r:NetworkManager_dispatcher_console_t:s0 tcontext=system_u:object_r:file_context_t:s0 tclass=file permissive=1
Apr 26 20:00:58 cosa-devsh audit[1503]: AVC avc:  denied  { open } for  pid=1503 comm="mv" path="/etc/selinux/targeted/contexts/files/file_contexts.subs_dist" dev="vda4" ino=1056960 scontext=system_u:system_r:NetworkManager_dispatcher_console_t:s0 tcontext=system_u:object_r:file_context_t:s0 tclass=file permissive=1
Apr 26 20:00:58 cosa-devsh audit[1503]: SYSCALL arch=c000003e syscall=257 success=yes exit=3 a0=ffffff9c a1=55d90f9e3c90 a2=80000 a3=0 items=1 ppid=1498 pid=1503 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="mv" exe="/usr/bin/mv" subj=system_u:system_r:NetworkManager_dispatcher_console_t:s0 key=(null)
Apr 26 20:00:58 cosa-devsh audit: CWD cwd="/"
Apr 26 20:00:58 cosa-devsh audit: PATH item=0 name="/etc/selinux/targeted/contexts/files/file_contexts.subs_dist" inode=1056960 dev=fc:04 mode=0100644 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:file_context_t:s0 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
Apr 26 20:00:58 cosa-devsh audit: PROCTITLE proctitle=6D76002D5A002F72756E2F636F6E736F6C652D6C6F67696E2D68656C7065722D6D657373616765732F636F6E736F6C652D6C6F67696E2D68656C7065722D6D657373616765732E4E783350633250796A642E746D70002F6574632F69737375652E642F32325F636C686D5F656E73372E6973737565
Apr 26 20:00:58 cosa-devsh audit[1503]: AVC avc:  denied  { getattr } for  pid=1503 comm="mv" path="/etc/selinux/targeted/contexts/files/file_contexts.subs_dist" dev="vda4" ino=1056960 scontext=system_u:system_r:NetworkManager_dispatcher_console_t:s0 tcontext=system_u:object_r:file_context_t:s0 tclass=file permissive=1
Apr 26 20:00:58 cosa-devsh audit[1503]: SYSCALL arch=c000003e syscall=262 success=yes exit=0 a0=3 a1=7fc0f21f2f4e a2=7ffc363bcd20 a3=1000 items=0 ppid=1498 pid=1503 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="mv" exe="/usr/bin/mv" subj=system_u:system_r:NetworkManager_dispatcher_console_t:s0 key=(null)
Apr 26 20:00:58 cosa-devsh audit: PROCTITLE proctitle=6D76002D5A002F72756E2F636F6E736F6C652D6C6F67696E2D68656C7065722D6D657373616765732F636F6E736F6C652D6C6F67696E2D68656C7065722D6D657373616765732E4E783350633250796A642E746D70002F6574632F69737375652E642F32325F636C686D5F656E73372E6973737565
Apr 26 20:00:58 cosa-devsh audit[1503]: AVC avc:  denied  { map } for  pid=1503 comm="mv" path="/etc/selinux/targeted/contexts/files/file_contexts.bin" dev="vda4" ino=1056955 scontext=system_u:system_r:NetworkManager_dispatcher_console_t:s0 tcontext=system_u:object_r:file_context_t:s0 tclass=file permissive=1
Apr 26 20:00:58 cosa-devsh audit[1503]: SYSCALL arch=c000003e syscall=9 success=yes exit=140466669686784 a0=0 a1=8f087 a2=1 a3=2 items=0 ppid=1498 pid=1503 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="mv" exe="/usr/bin/mv" subj=system_u:system_r:NetworkManager_dispatcher_console_t:s0 key=(null)
Apr 26 20:00:58 cosa-devsh audit: PROCTITLE proctitle=6D76002D5A002F72756E2F636F6E736F6C652D6C6F67696E2D68656C7065722D6D657373616765732F636F6E736F6C652D6C6F67696E2D68656C7065722D6D657373616765732E4E783350633250796A642E746D70002F6574632F69737375652E642F32325F636C686D5F656E73372E6973737565
Apr 26 20:00:58 cosa-devsh audit[1503]: AVC avc:  denied  { read } for  pid=1503 comm="mv" name="perms" dev="selinuxfs" ino=67113331 scontext=system_u:system_r:NetworkManager_dispatcher_console_t:s0 tcontext=system_u:object_r:security_t:s0 tclass=dir permissive=1
Apr 26 20:00:58 cosa-devsh audit[1503]: SYSCALL arch=c000003e syscall=257 success=yes exit=3 a0=ffffff9c a1=7ffc363bccb0 a2=90800 a3=0 items=0 ppid=1498 pid=1503 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="mv" exe="/usr/bin/mv" subj=system_u:system_r:NetworkManager_dispatcher_console_t:s0 key=(null)
Apr 26 20:00:58 cosa-devsh audit: PROCTITLE proctitle=6D76002D5A002F72756E2F636F6E736F6C652D6C6F67696E2D68656C7065722D6D657373616765732F636F6E736F6C652D6C6F67696E2D68656C7065722D6D657373616765732E4E783350633250796A642E746D70002F6574632F69737375652E642F32325F636C686D5F656E73372E6973737565
Apr 26 20:00:58 cosa-devsh audit[1503]: AVC avc:  denied  { write } for  pid=1503 comm="mv" name="create" dev="selinuxfs" ino=7 scontext=system_u:system_r:NetworkManager_dispatcher_console_t:s0 tcontext=system_u:object_r:security_t:s0 tclass=file permissive=1
Apr 26 20:00:58 cosa-devsh audit[1503]: SYSCALL arch=c000003e syscall=257 success=yes exit=3 a0=ffffff9c a1=7ffc363bcc80 a2=80002 a3=0 items=0 ppid=1498 pid=1503 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="mv" exe="/usr/bin/mv" subj=system_u:system_r:NetworkManager_dispatcher_console_t:s0 key=(null)
Apr 26 20:00:58 cosa-devsh audit: PROCTITLE proctitle=6D76002D5A002F72756E2F636F6E736F6C652D6C6F67696E2D68656C7065722D6D657373616765732F636F6E736F6C652D6C6F67696E2D68656C7065722D6D657373616765732E4E783350633250796A642E746D70002F6574632F69737375652E642F32325F636C686D5F656E73372E6973737565
Apr 26 20:00:58 cosa-devsh audit[1503]: AVC avc:  denied  { compute_create } for  pid=1503 comm="mv" scontext=system_u:system_r:NetworkManager_dispatcher_console_t:s0 tcontext=system_u:object_r:security_t:s0 tclass=security permissive=1
Apr 26 20:00:58 cosa-devsh audit[1503]: SYSCALL arch=c000003e syscall=1 success=yes exit=85 a0=3 a1=55d90fa8cff0 a2=55 a3=7ffc363bc9a7 items=0 ppid=1498 pid=1503 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="mv" exe="/usr/bin/mv" subj=system_u:system_r:NetworkManager_dispatcher_console_t:s0 key=(null)
Apr 26 20:00:58 cosa-devsh audit: PROCTITLE proctitle=6D76002D5A002F72756E2F636F6E736F6C652D6C6F67696E2D68656C7065722D6D657373616765732F636F6E736F6C652D6C6F67696E2D68656C7065722D6D657373616765732E4E783350633250796A642E746D70002F6574632F69737375652E642F32325F636C686D5F656E73372E6973737565
Apr 26 20:00:58 cosa-devsh audit[1503]: AVC avc:  denied  { setfscreate } for  pid=1503 comm="mv" scontext=system_u:system_r:NetworkManager_dispatcher_console_t:s0 tcontext=system_u:system_r:NetworkManager_dispatcher_console_t:s0 tclass=process permissive=1
Apr 26 20:00:58 cosa-devsh audit[1503]: SYSCALL arch=c000003e syscall=1 success=yes exit=27 a0=3 a1=55d90fa8d190 a2=1b a3=0 items=0 ppid=1498 pid=1503 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="mv" exe="/usr/bin/mv" subj=system_u:system_r:NetworkManager_dispatcher_console_t:s0 key=(null)
Apr 26 20:00:58 cosa-devsh audit: PROCTITLE proctitle=6D76002D5A002F72756E2F636F6E736F6C652D6C6F67696E2D68656C7065722D6D657373616765732F636F6E736F6C652D6C6F67696E2D68656C7065722D6D657373616765732E4E783350633250796A642E746D70002F6574632F69737375652E642F32325F636C686D5F656E73372E6973737565
Apr 26 20:00:58 cosa-devsh audit[1503]: AVC avc:  denied  { write } for  pid=1503 comm="mv" name="issue.d" dev="vda4" ino=859608 scontext=system_u:system_r:NetworkManager_dispatcher_console_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=dir permissive=1
Apr 26 20:00:58 cosa-devsh audit[1503]: AVC avc:  denied  { add_name } for  pid=1503 comm="mv" name="22_clhm_ens7.issue" scontext=system_u:system_r:NetworkManager_dispatcher_console_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=dir permissive=1
Apr 26 20:00:58 cosa-devsh audit[1503]: AVC avc:  denied  { create } for  pid=1503 comm="mv" name="22_clhm_ens7.issue" scontext=system_u:system_r:NetworkManager_dispatcher_console_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=1
Apr 26 20:00:58 cosa-devsh audit[1503]: AVC avc:  denied  { write } for  pid=1503 comm="mv" path="/etc/issue.d/22_clhm_ens7.issue" dev="vda4" ino=862374 scontext=system_u:system_r:NetworkManager_dispatcher_console_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=1
Apr 26 20:00:58 cosa-devsh audit[1503]: SYSCALL arch=c000003e syscall=257 success=yes exit=4 a0=ffffff9c a1=7ffc363be9fb a2=c1 a3=180 items=4 ppid=1498 pid=1503 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="mv" exe="/usr/bin/mv" subj=system_u:system_r:NetworkManager_dispatcher_console_t:s0 key=(null)
Apr 26 20:00:58 cosa-devsh audit: CWD cwd="/"
Apr 26 20:00:58 cosa-devsh audit: PATH item=0 name=(null) inode=859608 dev=fc:04 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:etc_t:s0 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
Apr 26 20:00:58 cosa-devsh audit: PATH item=1 name=(null) nametype=CREATE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
Apr 26 20:00:58 cosa-devsh audit: PATH item=2 name=(null) inode=859608 dev=fc:04 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:etc_t:s0 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
Apr 26 20:00:58 cosa-devsh audit: PATH item=3 name=(null) inode=862374 dev=fc:04 mode=0100600 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:etc_t:s0 nametype=CREATE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
Apr 26 20:00:58 cosa-devsh audit: PROCTITLE proctitle=6D76002D5A002F72756E2F636F6E736F6C652D6C6F67696E2D68656C7065722D6D657373616765732F636F6E736F6C652D6C6F67696E2D68656C7065722D6D657373616765732E4E783350633250796A642E746D70002F6574632F69737375652E642F32325F636C686D5F656E73372E6973737565
Apr 26 20:00:58 cosa-devsh audit[1503]: AVC avc:  denied  { setattr } for  pid=1503 comm="mv" name="22_clhm_ens7.issue" dev="vda4" ino=862374 scontext=system_u:system_r:NetworkManager_dispatcher_console_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=1
Apr 26 20:00:58 cosa-devsh audit[1503]: SYSCALL arch=c000003e syscall=280 success=yes exit=0 a0=4 a1=0 a2=7ffc363bdbe0 a3=0 items=0 ppid=1498 pid=1503 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="mv" exe="/usr/bin/mv" subj=system_u:system_r:NetworkManager_dispatcher_console_t:s0 key=(null)
Apr 26 20:00:58 cosa-devsh audit: PROCTITLE proctitle=6D76002D5A002F72756E2F636F6E736F6C652D6C6F67696E2D68656C7065722D6D657373616765732F636F6E736F6C652D6C6F67696E2D68656C7065722D6D657373616765732E4E783350633250796A642E746D70002F6574632F69737375652E642F32325F636C686D5F656E73372E6973737565
Apr 26 20:00:58 cosa-devsh audit[1503]: AVC avc:  denied  { sys_admin } for  pid=1503 comm="mv" capability=21  scontext=system_u:system_r:NetworkManager_dispatcher_console_t:s0 tcontext=system_u:system_r:NetworkManager_dispatcher_console_t:s0 tclass=capability permissive=1
Apr 26 20:00:58 cosa-devsh audit[1503]: SYSCALL arch=c000003e syscall=196 success=yes exit=17 a0=3 a1=0 a2=0 a3=7ffc363be9fb items=0 ppid=1498 pid=1503 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="mv" exe="/usr/bin/mv" subj=system_u:system_r:NetworkManager_dispatcher_console_t:s0 key=(null)
Apr 26 20:00:58 cosa-devsh audit: PROCTITLE proctitle=6D76002D5A002F72756E2F636F6E736F6C652D6C6F67696E2D68656C7065722D6D657373616765732F636F6E736F6C652D6C6F67696E2D68656C7065722D6D657373616765732E4E783350633250796A642E746D70002F6574632F69737375652E642F32325F636C686D5F656E73372E6973737565


[core@cosa-devsh ~]$ rpm -q selinux-policy
selinux-policy-36.8-1.fc37.noarch

@dustymabe
Copy link
Member

@aaradhak opened a BZ for this: https://bugzilla.redhat.com/show_bug.cgi?id=2080043

@dustymabe dustymabe mentioned this issue May 19, 2022
Closed
This was referenced May 31, 2022
Open
Closed
@dustymabe dustymabe mentioned this issue Jun 15, 2022
Closed
@travier
Copy link
Member

travier commented Aug 11, 2022
edited
Loading

I think this should be fixed with the new CLHM release. We'll need to double check.

@dustymabe
Copy link
Member

I think this should be fixed with the new CLHM release. We'll need to double check.

Still waiting on a bunch of random denials to get fixed. The latest is in https://bugzilla.redhat.com/show_bug.cgi?id=2080043#c17

aaradhak added a commit to aaradhak/fedora-coreos-config that referenced this issue Sep 13, 2022
@aaradhak
kola test to check the network device info
49e1cc5 
Ref: coreos/fedora-coreos-tracker#1153
@aaradhak aaradhak mentioned this issue Sep 13, 2022
Merged
aaradhak added a commit to aaradhak/fedora-coreos-config that referenced this issue Sep 13, 2022
@aaradhak
kola test to check the network device info
d1d2f74 
Ref: coreos/fedora-coreos-tracker#1153
BZ : https://bugzilla.redhat.com/show_bug.cgi?id=2080043
dustymabe pushed a commit to coreos/fedora-coreos-config that referenced this issue Sep 14, 2022
@aaradhak @dustymabe
kola test to check the network device info
35c359e 
Ref: coreos/fedora-coreos-tracker#1153
BZ : https://bugzilla.redhat.com/show_bug.cgi?id=2080043
coreosbot-releng pushed a commit to coreosbot-releng/os that referenced this issue Sep 15, 2022
@coreosbot
Bump fedora-coreos-config
ec07aca 
Aashish Radhakrishnan (2):
      kola test to check the network device info Ref: coreos/fedora-coreos-tracker#1153 BZ : https://bugzilla.redhat.com/show_bug.cgi?id=2080043
      added denial and snooze on network-device-info test

Colin Walters (1):
      tests:  Move skopeo test to rpm-ostree/container-deps
coreosbot-releng pushed a commit to coreosbot-releng/os that referenced this issue Sep 16, 2022
@coreosbot
Bump fedora-coreos-config
62e917b 
Aashish Radhakrishnan (2):
      kola test to check the network device info Ref: coreos/fedora-coreos-tracker#1153 BZ : https://bugzilla.redhat.com/show_bug.cgi?id=2080043
      added denial and snooze on network-device-info test

Colin Walters (1):
      tests:  Move skopeo test to rpm-ostree/container-deps
coreosbot-releng pushed a commit to coreosbot-releng/os that referenced this issue Sep 16, 2022
@coreosbot
Bump fedora-coreos-config
e17c503 
Aashish Radhakrishnan (2):
      kola test to check the network device info Ref: coreos/fedora-coreos-tracker#1153 BZ : https://bugzilla.redhat.com/show_bug.cgi?id=2080043
      added denial and snooze on network-device-info test

Benjamin Gilbert (2):
      tests/kola: move initrd tests into a subdirectory
      overlay: compress initrd with zstd -19 on FCOS and RHCOS/SCOS 9

Colin Walters (1):
      tests:  Move skopeo test to rpm-ostree/container-deps
@travier
Copy link
Member

travier commented Sep 27, 2022

The BZ mentioned here is now fixed and fedora-selinux/selinux-policy#1258 is closed, so we can probably re-test/revisit this one.

@dustymabe
Copy link
Member

dustymabe commented Sep 27, 2022
edited
Loading

@aaradhak - want to test this locally against testing-devel and then submit a PR to remove the denial?

@aaradhak
Copy link
Member

@dustymabe sure, will work on it.

@aaradhak
Copy link
Member

aaradhak commented Sep 27, 2022
edited
Loading

@dustymabe tested ext.config.clhm.network-device-info locally and the test passes in testing-devel.
Created a PR to remove the denial -> coreos/fedora-coreos-config#1990

@aaradhak aaradhak mentioned this issue Sep 27, 2022
Merged
aaradhak added a commit to aaradhak/fedora-coreos-config that referenced this issue Sep 27, 2022
@aaradhak
denylist: drop denials for clhm.network-device-info
7eb9ae2 
Drop denial as the test no longer fails because of
selinux-policy-36.13-3.fc36 update.

Closes coreos/fedora-coreos-tracker#1153
dustymabe pushed a commit to coreos/fedora-coreos-config that referenced this issue Sep 27, 2022
@aaradhak @dustymabe
denylist: drop denials for clhm.network-device-info
c20be07 
Drop denial as the test no longer fails because of
selinux-policy-36.13-3.fc36 update.

Closes coreos/fedora-coreos-tracker#1153
@dustymabe
Copy link
Member

This was fixed in selinux-policy-36.15-1.fc36, which should be in the next testing release.

@dustymabe dustymabe added the status/pending-testing-release Fixed upstream. Waiting on a testing release. label Sep 28, 2022
@dustymabe
Copy link
Member

The fix for this went into testing stream release 36.20221001.2.0. Please try out the new release and report issues.

@dustymabe dustymabe added status/pending-stable-release Fixed upstream and in testing. Waiting on stable release. and removed status/pending-testing-release Fixed upstream. Waiting on a testing release. labels Oct 18, 2022
@dustymabe
Copy link
Member

The fix for this went into stable stream release 36.20221001.3.0.

@dustymabe dustymabe removed the status/pending-stable-release Fixed upstream and in testing. Waiting on stable release. label Oct 18, 2022
HuijingHei pushed a commit to HuijingHei/fedora-coreos-config that referenced this issue Oct 10, 2023
@aaradhak @HuijingHei
kola test to check the network device info
e5c9a1a 
Ref: coreos/fedora-coreos-tracker#1153
BZ : https://bugzilla.redhat.com/show_bug.cgi?id=2080043
HuijingHei pushed a commit to HuijingHei/fedora-coreos-config that referenced this issue Oct 10, 2023
@aaradhak @HuijingHei
denylist: drop denials for clhm.network-device-info
79cc8b9 
Drop denial as the test no longer fails because of
selinux-policy-36.13-3.fc36 update.

Closes coreos/fedora-coreos-tracker#1153
HuijingHei pushed a commit to HuijingHei/fedora-coreos-config that referenced this issue Oct 10, 2023
@aaradhak @HuijingHei
kola test to check the network device info
d8b55f0 
Ref: coreos/fedora-coreos-tracker#1153
BZ : https://bugzilla.redhat.com/show_bug.cgi?id=2080043
HuijingHei pushed a commit to HuijingHei/fedora-coreos-config that referenced this issue Oct 10, 2023
@aaradhak @HuijingHei
denylist: drop denials for clhm.network-device-info
55a9b3d 
Drop denial as the test no longer fails because of
selinux-policy-36.13-3.fc36 update.

Closes coreos/fedora-coreos-tracker#1153
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@aaradhak aaradhak

Labels
F36 fallout/f36 jira for syncing to jira kind/bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

denylist: drop denials for clhm.network-device-info aaradhak/fedora-coreos-config
4 participants
@dustymabe @sohankunkerkar @travier @aaradhak