Zram generator fails to create zram device

archlinuxhardened / selinux-policy-arch

SELinux policy with Arch Linux specific changes. Based on the refrence policy

GNU General Public License v2.0

31 stars 5 forks source link

Zram generator fails to create zram device #3

Open Lunarequest opened 2 years ago

Lunarequest commented 2 years ago

When selinux is set to enforcing it prevents zram from creating the device. This results in the service never succeeding and prevent login. Any help would be appreciated.

github-actions[bot] commented 1 year ago

This issue has not had any recent activity. It will be closed in 7 days if it makes no further progress.

Lunarequest commented 1 year ago

Still a issue

chrisschnei commented 1 year ago

Hello @Lunarequest the problem is that systemd_generator_t uses modprobe to load the zram kernel module. This call is blocked because systemd_generator_t is not allowed to transition to kmod_t. Commit https://github.com/SELinuxProject/refpolicy/commit/26eb377014bfd1f85591aca20f25ee0b546c245f should fix this issue.