SELinux boolean os_enable_vtpm does not exist
Bug #1998348 reported by
Ananya Banerjee
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
tripleo |
Invalid
|
Critical
|
Unassigned |
Bug Description
Centos 9 component standalone jobs are failing standalone deploy with
FATAL | Enable os_enable_vtpm SELinux boolean for vTPM | standalone | error={"changed": false, "msg": "SELinux boolean os_enable_vtpm does not exist."}
This is because whenever SELinux is permissive `rpm -V openstack-selinux' doesnt work (from what Tengu found out - logs below in comment)
For now the workaround is to downgrade selinux-policy package.
Github issue: https:/
To post a comment you must log in.
This is what Tengu found out:
[zuul@standalone ~]$ sudo rpm -Vv openstack-selinuxlicenses/openstack-selinuxlicenses/openstack-selinux/COPYINGopenstack-selinuxopenstack-selinux/0.8.36openstack-selinux/0.8.36/local_settings.shselinux/packages/os-barbican.pp.bz2selinux/packages/os-certmonger.pp.bz2selinux/packages/os-cinder.pp.bz2selinux/packages/os-collectd.pp.bz2selinux/packages/os-dnsmasq.pp.bz2selinux/packages/os-glance.pp.bz2selinux/packages/os-gnocchi.pp.bz2selinux/packages/os-haproxy.pp.bz2selinux/packages/os-httpd.pp.bz2selinux/packages/os-ipxe.pp.bz2selinux/packages/os-keepalived.pp.bz2selinux/packages/os-keystone.pp.bz2selinux/packages/os-logrotate.pp.bz2selinux/packages/os-mongodb.pp.bz2selinux/packages/os-mysql.pp.bz2selinux/packages/os-neutron.pp.bz2selinux/packages/os-nova.pp.bz2selinux/packages/os-octavia.pp.bz2selinux/packages/os-ovs-el9.pp.bz2selinux/packages/os-ovs.pp.bz2selinux/packages/os-pbis.pp.bz2selinux/packages/os-podman.pp.bz2selinux/packages/os-rabbitmq.pp.bz2selinux/packages/os-redis.pp.bz2selinux/packages/os-rsync.pp.bz2selinux/packages/os-rsyslog.pp.bz2selinux/packages/os-swift.pp.bz2selinux/packages/os-timemaster.pp.bz2selinux/packages/os-virt.pp.bz2licenses/openstack-selinuxlicenses/openstack-selinux/COPYINGopenstack-selinuxopenstack-selinux/0.8.36openstack-selinux/0.8.36/local_settings.shselinux/packages/os-barbican.pp.bz2selinux/packages/os-certmonger.pp.bz2selinux/packages/os-cinder.pp.bz2selinux/packages/os-collect...
......... /usr/share/
......... l /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
SELinux is permissive
[zuul@standalone ~]$ sudo setenforce 1
[zuul@standalone ~]$ sudo rpm -Vv openstack-selinux
......... /usr/share/
......... l /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/
......... /usr/share/