Description of problem: fuse-overlayfs contains /usr/lib/modules-load.d/fuse-overlayfs.conf with the contents 'fuse'. This causes systemd-load-modules to fail with kernel 5.0.6 Version-Release number of selected component (if applicable): fuse-overlayfs-0.3-8.dev.gita6958ce kernel-5.0.6-300.fc30.x86_64 How reproducible: Seems always Steps to Reproduce: 1. Install Fedora 30 2. Install fuse-overlayfs 3. Reboot Actual results: Service fails with an error message to the effect, Failed to lookup alias 'fuse' Expected results: systemd-modules-load starts normally Additional info: worked around it for now by uninstall fuse-overlayfs
Dan, should we drop the patch for loading the fuse module?
Is the fuse module always loaded? Has the fuse module been renamed?
The module is still called fuse. $ lsmod | grep fuse fuse 131072 7
looks like a selinux issue: type=AVC msg=audit(1554819688.831:386): avc: denied { read } for pid=3180 comm="systemd-modules" name="modules.softdep" dev="dm-0" ino=788279 scontext=system_u:system_r:systemd_modules_load_t:s0 tcontext=unconfined_u:object_r:modules_dep_t:s0 tclass=file permissive=0 Jason, could you try again with selinux disabled?
Yes, good catch, booting in permissive it works. I see these: type=AVC msg=audit(1554755106.391:397): avc: denied { read } for pid=4830 comm="systemd-modules" name="modules.softdep" dev="dm-1" ino=539027258 scontext=system_u:system_r:systemd_modules_load_t:s0 tcontext=system_u:object_r:modules_dep_t:s0 tclass=file permissive=0 type=AVC msg=audit(1554755106.391:398): avc: denied { read } for pid=4830 comm="systemd-modules" name="modules.dep.bin" dev="dm-1" ino=539027494 scontext=system_u:system_r:systemd_modules_load_t:s0 tcontext=system_u:object_r:modules_dep_t:s0 tclass=file permissive=0 type=AVC msg=audit(1554755106.391:399): avc: denied { read } for pid=4830 comm="systemd-modules" name="modules.dep.bin" dev="dm-1" ino=539027494 scontext=system_u:system_r:systemd_modules_load_t:s0 tcontext=system_u:object_r:modules_dep_t:s0 tclass=file permissive=0 type=AVC msg=audit(1554755106.391:400): avc: denied { read } for pid=4830 comm="systemd-modules" name="modules.alias.bin" dev="dm-1" ino=539027257 scontext=system_u:system_r:systemd_modules_load_t:s0 tcontext=system_u:object_r:modules_dep_t:s0 tclass=file permissive=0
commit 021823926ae7bff86e92ea8d119d5150c0d89a63 Author: Lukas Vrabec <lvrabec> Date: Tue Apr 9 10:27:54 2019 +0200 Allow systemd_modules_load to read modules_dep_t files
selinux-policy-3.14.3-28.fc30 has been submitted as an update to Fedora 30. https://bodhi.fedoraproject.org/updates/FEDORA-2019-b514a5c8a3
selinux-policy-3.14.3-28.fc30 has been pushed to the Fedora 30 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2019-b514a5c8a3
selinux-policy-3.14.3-29.fc30 has been submitted as an update to Fedora 30. https://bodhi.fedoraproject.org/updates/FEDORA-2019-7cb094d99a
selinux-policy-3.14.3-29.fc30 has been pushed to the Fedora 30 stable repository. If problems still persist, please make note of it in this bug report.