microshift
microshift copied to clipboard
openshift
[BUG] ValueError: microshift_t must be an SELinux process domain
What happened:
https://microshift.io/docs/developer-documentation/local-development/#running-microshift
Encountered following error when executing (cd packaging/selinux && sudo make install):
semodule -i microshift.pp
sepolicy manpage --path . --domain microshift_t
ValueError: microshift_t must be an SELinux process domain:
Valid domains: abrt_t, abrt_dump_oops_t, abrt_handle_event_t, ...
What you expected to happen:
Successful execution and no errors.
How to reproduce it (as minimally and precisely as possible):
Following https://microshift.io/docs/developer-documentation/local-development/ by the letter.
sudo dnf install -y git make golang
git clone https://github.com/redhat-et/microshift.git
cd microshift
make DEBUG=true
sudo dnf install -y selinux-policy-devel
(cd packaging/selinux && sudo make install)
Anything else we need to know?:
Fixed with:
diff --git a/packaging/selinux/microshift.te b/packaging/selinux/microshift.te
index dac081b8..e5d38da1 100644
--- a/packaging/selinux/microshift.te
+++ b/packaging/selinux/microshift.te
@@ -1,5 +1,8 @@
policy_module(microshift, 1.0.0)
+type microshift_t;
+domain_type(microshift_t)
+
gen_require(`
type container_runtime_t, var_lib_t, container_var_lib_t, container_runtime_tmpfs_t, container_t;
class file { open read };
Environment:
- Microshift version (use
microshift version): main - Hardware configuration:
- OS (e.g:
cat /etc/os-release): Fedora 35 - Kernel (e.g.
uname -a): 5.16.16-200.fc35.x86_64 - Others:
Relevant Logs
Issues go stale after 90d of inactivity.
Mark the issue as fresh by commenting /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
Exclude this issue from closing by commenting /lifecycle frozen.
If this issue is safe to close now please do so with /close.
/lifecycle stale
