Rawhide `basic.uefi` failing on "Found systemd generator failure (/usr/lib/systemd/system-generators/systemd-bless-boot-generator)"

[jlebon]

[2024-06-03T13:06:04.223Z] --- FAIL: basic.uefi (41.78s)
[2024-06-03T13:06:04.223Z]     --- PASS: basic.uefi/FCOSGrowpart (0.14s)
[2024-06-03T13:06:04.223Z]     --- PASS: basic.uefi/PortSSH (0.12s)
[2024-06-03T13:06:04.223Z]     --- PASS: basic.uefi/DbusPerms (0.34s)
[2024-06-03T13:06:04.223Z]     --- PASS: basic.uefi/ServicesActive (0.13s)
[2024-06-03T13:06:04.223Z]     --- PASS: basic.uefi/ReadOnly (0.11s)
[2024-06-03T13:06:04.223Z]     --- PASS: basic.uefi/Useradd (0.23s)
[2024-06-03T13:06:04.223Z]     --- PASS: basic.uefi/MachineID (0.11s)
[2024-06-03T13:06:04.223Z]         harness.go:1738: Found systemd generator failure (/usr/lib/systemd/system-generators/systemd-bless-boot-generator) on machine bb574d1f-ec2c-4440-b23b-7355ebd48dcd console

Looks like SELinux issues:

Welcome to Fedora CoreOS 41.20240603.91.0!

[    9.017945] systemd[1]: Initializing machine ID from VM UUID.
[    9.334184] systemd[1]: bpf-lsm: LSM BPF program attached
[    9.341943] audit: type=1400 audit(1717419389.383:4): avc:  denied  { map_read map_write } for  pid=1339 comm="bootc-systemd-g" scontext=system_u:system_r:systemd_generic_generator_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=bpf permissive=1
[    9.347878] audit: type=1400 audit(1717419389.389:5): avc:  denied  { map_read map_write } for  pid=1341 comm="coreos-installe" scontext=system_u:system_r:coreos_installer_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=bpf permissive=1
[    9.352927] audit: type=1400 audit(1717419389.392:6): avc:  denied  { map } for  pid=1342 comm="coreos-liveiso-" path="/usr/bin/bash" dev="vda4" ino=1355773 scontext=system_u:system_r:systemd_generic_generator_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file permissive=1
[    9.356001] audit: type=1400 audit(1717419389.392:7): avc:  denied  { execute } for  pid=1342 comm="coreos-liveiso-" path="/usr/bin/bash" dev="vda4" ino=1355773 scontext=system_u:system_r:systemd_generic_generator_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file permissive=1
[    9.374316] audit: type=1400 audit(1717419389.415:8): avc:  denied  { read } for  pid=1342 comm="coreos-liveiso-" name="passwd" dev="vda4" ino=3635411 scontext=system_u:system_r:systemd_generic_generator_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file permissive=1
[    9.380334] audit: type=1400 audit(1717419389.419:9): avc:  denied  { open } for  pid=1342 comm="coreos-liveiso-" path="/etc/passwd" dev="vda4" ino=3635411 scontext=system_u:system_r:systemd_generic_generator_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file permissive=1
[    9.383376] audit: type=1400 audit(1717419389.419:10): avc:  denied  { getattr } for  pid=1342 comm="coreos-liveiso-" path="/etc/passwd" dev="vda4" ino=3635411 scontext=system_u:system_r:systemd_generic_generator_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file permissive=1
[    9.392642] audit: type=1400 audit(1717419389.429:11): avc:  denied  { map_read map_write } for  pid=1348 comm="selinux-autorel" scontext=system_u:system_r:selinux_autorelabel_generator_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=bpf permissive=0
[    9.470657] systemd-bless-boot-generator[1350]: Failed to check if LoaderBootCountPath EFI variable exists: Permission denied
[    9.494468] systemd-getty-generator[1360]: Failed to parse $SYSTEMD_GETTY_AUTO environment variable, ignoring: Permission denied
[    9.525619] zram_generator::config[1376]: No configuration found.
[    9.543475] (sd-exec-[1338]: /usr/lib/systemd/system-generators/systemd-bless-boot-generator failed with exit status 1.

console.txt

[jlebon]

I think this is just part of https://github.com/coreos/fedora-coreos-tracker/issues/1735, so closing as dupe.