RHV hypervisors should be able to properly run on a host where official DISA STIG profile for RHEL 8 is applied https://www.redhat.com/en/blog/disa-has-released-red-hat-enterprise-linux-8-stig http://static.open-scap.org/ssg-guides/ssg-rhel8-guide-stig.html https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems If running on official DISA STIG profile is not feasible due to technical limitations, then we need to create a hardening profile for RHV hypervisors based on official DISA STIG profile, where we would have disabled DISA STIG features which blocks proper functionality of RHV hypervisor.
The effort to make RHV Manager working with DISA STIG is tracked in BZ2015796
We are past 4.5.0 feature freeze, please re-target.
Update: I tested pass with the latest RHEL 8.6(RHEL-8.6.0-20220423.0-x86_64-dvd1.iso), which fapolicyd >= 1.1-6.
(In reply to cshao from comment #10) > Update: > I tested pass with the latest RHEL > 8.6(RHEL-8.6.0-20220423.0-x86_64-dvd1.iso), which fapolicyd >= 1.1-6. Verify this bug according above comments.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Low: RHV RHEL Host (ovirt-host) [ovirt-4.5.0] security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2022:4764