works here.
works here.
Works for me.
I made some more investigations, and reported https://bugzilla.redhat.com/show_bug.cgi?id=2342260. This really is specific to updating selinux-policy together with some other foo-selinux in the same dnf run. Updating separately works. The observable difference other than the "policy rejections" is that "semodule -l" has an additional "extra_binsbin" policy in the broken case.
In https://github.com/cockpit-project/cockpit-machines/issues/1989 cockpit-machines nightly test ran against a VM which already had the new pcp-selinux installed, so it's not unpack order after all. It of course still could be related to some interference with pcp-6.3.2-3.fc41
There is something a lot more subtle going on, I updated notes in https://github.com/cockpit-project/cockpit-machines/issues/1983
This feels very sensitive to upgrade/unpack order.
Cockpit's nightly CI run against updates-testing found a regression, see https://github.com/cockpit-project/cockpit-machines/issues/1983 for details. virt-instalal fails with
internal error: process exited while connecting to monitor: 2025-01-18T04:40:53.357895Z qemu-system-x86_64: -blockdev {\"driver\":\"nbd\",\"server\":{\"type\":\"unix\",\"path\":\"/var/lib/libvirt/qemu/domain-1-subVmTestCreate1/nbdkit-libvirt-1-storage.socket\"},\"node-name\":\"libvirt-1-storage\",\"read-only\":true}: Failed to connect to '/var/lib/libvirt/qemu/domain-1-subVmTestCreate1/nbdkit-libvirt-1-storage.socket': Permission denied Domain installation does not appear to have been successful.
The journal shows the corresponding failure:
type=AVC msg=audit(1737175253.355:637): avc: denied { connectto } for pid=4246 comm="nbd-connect" path="/var/lib/libvirt/qemu/domain-1-subVmTestCreate1/nbdkit-libvirt-1-storage.socket" scontext=system_u:system_r:svirt_tcg_t:s0:c172,c897 tcontext=system_u:system_r:nbdkit_t:s0:c172,c897 tclass=unix_stream_socket permissive=0
(test works after setenforce 1)
I didn't investigate this very deeply yet -- it's Saturday early morning, and next week our team is on a sprint and not able to react timely to such issues. But we need to stop the regression from landing in stable updates.
Works here as well, thanks!
Updates/works fine here.
Updates and works fine.
Update and pages work fine here.
works fine.
Installs, upgrades, works.
Installs, upgrades, works.
rpminspect failures are expected. I sent https://github.com/rpminspect/rpminspect-data-fedora/pull/60 to clear them.
rpminspect failures are expected. I sent https://github.com/rpminspect/rpminspect-data-fedora/pull/60 to clear them.
Last night's cockpit tests are happy again, too, thanks!
https://cockpit-logs.us-east-1.linodeobjects.com/pull-0-d76cadd5-20241203-013139-fedora-41-updates-testing/log.html https://cockpit-logs.us-east-1.linodeobjects.com/pull-0-e6e46082-20241203-022518-fedora-41-updates-testing/log.html
Verified with our tests, thanks!
works here.