https://bugzilla.suse.com/show_bug.cgi?id=1228540 https://bugzilla.suse.com/show_bug.cgi?id=1228540#c23 --- Comment #23 from Philippe Condé <conde.philippe@skynet.be> --- (In reply to Cathy Hu from comment #22)

staged for factory: https://build.opensuse.org/request/show/1198255

the changes are in security:SELinux now in policy 20240902:

i created a custom boolean `xen_use_qemu_for_dom0_disk_backend` for you, so you need to enable:

semodule boolean -m --on xen_use_qemu_for_dom0_disk_backend

also please run restorecon -Rv /var/lib/xen/xenstore after installing the staged policy package

then after reboot the AVCs should not pop up again, except the userdata ones. these are still waiting for @carnold

Hello, I did a zypper dup this morning and I have hpprol2:~ # zypper info selinux-policy Retrieving repository 'security:SELinux' metadata ......................................................................................................................................................................................................................[done] Building repository 'security:SELinux' cache ...........................................................................................................................................................................................................................[done] Loading repository data... Reading installed packages... Information for package selinux-policy: --------------------------------------- Repository : security:SELinux Name : selinux-policy Version : 20240902-273.1 Arch : noarch Vendor : obs://build.opensuse.org/security:SELinux Installed Size : 24.8 KiB Installed : Yes Status : out-of-date (version 20240830-272.1 installed) Source package : selinux-policy-20240902-273.1.src Upstream URL : https://github.com/fedora-selinux/selinux-policy.git Summary : SELinux policy configuration Description : A complete SELinux policy that can be used as the system policy for a variety of systems and used as the basis for creating other policies. hpprol2:~ # but when trying your command I receive this error hpprol2:~ # semodule boolean -m --on xen_use_qemu_for_dom0_disk_backend semodule: unrecognized option '--on' usage: semodule [option]... MODE... hpprol2:~ # semodule boolean -m --on xen_use_qemu_for_dom0_disk_backend Isz it not semanage in place of semodule? many thanks in advance Philippe -- You are receiving this mail because: You are on the CC list for the bug.