SELinux boolean os_enable_vtpm does not exist
Bug #1998348 reported by
Ananya Banerjee
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
tripleo |
Invalid
|
Critical
|
Unassigned |
Bug Description
Centos 9 component standalone jobs are failing standalone deploy with
FATAL | Enable os_enable_vtpm SELinux boolean for vTPM | standalone | error={"changed": false, "msg": "SELinux boolean os_enable_vtpm does not exist."}
This is because whenever SELinux is permissive `rpm -V openstack-selinux' doesnt work (from what Tengu found out - logs below in comment)
For now the workaround is to downgrade selinux-policy package.
Github issue: https:/
To post a comment you must log in.
This is what Tengu found out:
[zuul@standalone ~]$ sudo rpm -Vv openstack-selinux licenses/ openstack- selinux licenses/ openstack- selinux/ COPYING openstack- selinux openstack- selinux/ 0.8.36 openstack- selinux/ 0.8.36/ local_settings. sh selinux/ packages/ os-barbican. pp.bz2 selinux/ packages/ os-certmonger. pp.bz2 selinux/ packages/ os-cinder. pp.bz2 selinux/ packages/ os-collectd. pp.bz2 selinux/ packages/ os-dnsmasq. pp.bz2 selinux/ packages/ os-glance. pp.bz2 selinux/ packages/ os-gnocchi. pp.bz2 selinux/ packages/ os-haproxy. pp.bz2 selinux/ packages/ os-httpd. pp.bz2 selinux/ packages/ os-ipxe. pp.bz2 selinux/ packages/ os-keepalived. pp.bz2 selinux/ packages/ os-keystone. pp.bz2 selinux/ packages/ os-logrotate. pp.bz2 selinux/ packages/ os-mongodb. pp.bz2 selinux/ packages/ os-mysql. pp.bz2 selinux/ packages/ os-neutron. pp.bz2 selinux/ packages/ os-nova. pp.bz2 selinux/ packages/ os-octavia. pp.bz2 selinux/ packages/ os-ovs- el9.pp. bz2 selinux/ packages/ os-ovs. pp.bz2 selinux/ packages/ os-pbis. pp.bz2 selinux/ packages/ os-podman. pp.bz2 selinux/ packages/ os-rabbitmq. pp.bz2 selinux/ packages/ os-redis. pp.bz2 selinux/ packages/ os-rsync. pp.bz2 selinux/ packages/ os-rsyslog. pp.bz2 selinux/ packages/ os-swift. pp.bz2 selinux/ packages/ os-timemaster. pp.bz2 selinux/ packages/ os-virt. pp.bz2 licenses/ openstack- selinux licenses/ openstack- selinux/ COPYING openstack- selinux openstack- selinux/ 0.8.36 openstack- selinux/ 0.8.36/ local_settings. sh selinux/ packages/ os-barbican. pp.bz2 selinux/ packages/ os-certmonger. pp.bz2 selinux/ packages/ os-cinder. pp.bz2 selinux/ packages/ os-collect. ..
......... /usr/share/
......... l /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
SELinux is permissive
[zuul@standalone ~]$ sudo setenforce 1
[zuul@standalone ~]$ sudo rpm -Vv openstack-selinux
......... /usr/share/
......... l /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/