[Bug 1226398] selinux - swtpm - virt-manager can no longer start vm
https://bugzilla.suse.com/show_bug.cgi?id=1226398
https://bugzilla.suse.com/show_bug.cgi?id=1226398#c9

Santiago Zarate <santiago.zarate@suse.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |santiago.zarate@suse.com

--- Comment #9 from Santiago Zarate <santiago.zarate@suse.com> ---
It seems that the issue is still present, when looking at the log file:

ninlil:~ # cat /var/log/swtpm/libvirt/qemu/istabl-antar02-kiwitcms-swtpm.log
swtpm at /usr/bin/swtpm does not support TPM 2

and here are the messages from selinux:

```
ninlil:~ # ausearch -i -m avc,user_avc,selinux_err,user_selinux_err -ts 15:00
----
type=AVC msg=audit(07/29/24 15:45:21.167:42872) : avc: denied { read } for pid=87999 comm=qemu-img name=max_map_count dev="proc" ino=11483 scontext=system_u:system_r:virtstoraged_t:s0 tcontext=system_u:object_r:sysctl_vm_t:s0 tclass=file permissive=1
----
type=AVC msg=audit(07/29/24 15:45:21.167:42873) : avc: denied { open } for pid=87999 comm=qemu-img path=/proc/sys/vm/max_map_count dev="proc" ino=11483 scontext=system_u:system_r:virtstoraged_t:s0 tcontext=system_u:object_r:sysctl_vm_t:s0 tclass=file permissive=1
----
type=AVC msg=audit(07/29/24 15:45:21.167:42874) : avc: denied { getattr } for pid=87999 comm=qemu-img path=/proc/sys/vm/max_map_count dev="proc" ino=11483 scontext=system_u:system_r:virtstoraged_t:s0 tcontext=system_u:object_r:sysctl_vm_t:s0 tclass=file permissive=1
----
type=AVC msg=audit(07/29/24 15:45:22.417:42907) : avc: denied { setattr } for pid=5838 comm=rpc-virtqemud name=istabl-antar02-kiwitcms-swtpm.log dev="md127p2" ino=846892 scontext=system_u:system_r:virtqemud_t:s0 tcontext=system_u:object_r:var_log_t:s0 tclass=file permissive=1
----
type=AVC msg=audit(07/29/24 15:45:22.427:42908) : avc: denied { open } for pid=88068 comm=swtpm path=/var/log/swtpm/libvirt/qemu/istabl-antar02-kiwitcms-swtpm.log dev="md127p2" ino=846892 scontext=system_u:system_r:swtpm_t:s0 tcontext=system_u:object_r:var_log_t:s0 tclass=file permissive=0
----
type=AVC msg=audit(07/29/24 15:45:22.430:42909) : avc: denied { write } for pid=88069 comm=rpc-virtqemud name=istabl-antar02-kiwitcms-swtpm.log dev="md127p2" ino=846892 scontext=system_u:system_r:virtqemud_t:s0 tcontext=system_u:object_r:var_log_t:s0 tclass=file permissive=1
----
type=AVC msg=audit(07/29/24 15:45:22.437:42910) : avc: denied { relabelfrom } for pid=88069 comm=rpc-virtqemud name=istabl-antar02-kiwitcms-swtpm.log dev="md127p2" ino=846892 scontext=system_u:system_r:virtqemud_t:s0 tcontext=system_u:object_r:var_log_t:s0 tclass=file permissive=1
----
type=AVC msg=audit(07/29/24 15:45:22.437:42911) : avc: denied { relabelto } for pid=88069 comm=rpc-virtqemud name=istabl-antar02-kiwitcms-swtpm.log dev="md127p2" ino=846892 scontext=system_u:system_r:virtqemud_t:s0 tcontext=system_u:object_r:var_log_t:s0 tclass=file permissive=1
```