Bug 2164847

Summary: [RFE] Ability to disable non-etm MACs
Product: [Fedora] Fedora Reporter: Ravindra Patil <ravpatil>
Component: crypto-policiesAssignee: Red Hat Crypto Team <crypto-team>
Status: NEW --- QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: medium    
Version: rawhideCC: asosedki, bugzilla-redhat, crypto-team, luk.claes, mail, rrelyea, tm, xspielinbox+redhat
Target Milestone: ---Keywords: FutureFeature
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Comment 2 xspielinbox+redhat 2023-01-30 22:04:31 UTC
This issue also exists in RHEL 9 and Fedora 37.
The lack of this feature currently prevents me from using the system-wide crypto-policies.

However, I think that a system-wide crypto-policy is great and strongly needed and therefore would be very happy, if this could get resolved.
How could one potentially help with that?

Comment 3 Alexander Sosedkin 2023-01-31 10:56:33 UTC
(replied in upstream discussion in order to keep the discussion in one place: https://gitlab.com/redhat-crypto/fedora-crypto-policies/-/issues/40)

Comment 4 Alexander Sosedkin 2023-03-28 13:16:20 UTC
*** Bug 2138540 has been marked as a duplicate of this bug. ***

Comment 5 Alexander Sosedkin 2023-04-25 13:20:05 UTC
Converting to Fedora bug, because I do want to address this request one day, but I don't have a clear way forward, and whatever the solution will be, it's unlikely to be ported to even RHEL-9 at this point, let alone 8. For them, opting out of crypto-policies is the supported solution.