From 2edcefaa5da1ebca412ab937b136c251cb224ecc Mon Sep 17 00:00:00 2001
From: Ilya Dryomov <idryomov@gmail.com>
Date: Wed, 10 Jul 2024 13:25:21 +0200
Subject: [PATCH] teuthology/task/selinux: ignore denials in agetty

This was tracked in [1], but the addition of the context to the
allowlist in ceph.git commit 7a6389272aff ("qa: ignore container
checkpoint/restore related selinux denials for centos9") doesn't
cover krbd suite which doesn't pull in any distro snippets.

Since this denial has nothing to do with Ceph [2], let's ignore it
globally.

[1] http://tracker.ceph.com/issues/64616
[2] https://bugzilla.redhat.com/show_bug.cgi?id=2259622

Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
---
 teuthology/task/selinux.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/teuthology/task/selinux.py b/teuthology/task/selinux.py
index ca73907229..7b33b11b3c 100644
--- a/teuthology/task/selinux.py
+++ b/teuthology/task/selinux.py
@@ -137,6 +137,7 @@ class SELinux(Task):
             'comm="sssd"',
             'comm="sss_cache"',
             'context=system_u:system_r:NetworkManager_dispatcher_t:s0',
+            'context=system_u:system_r:getty_t:s0',
         ]
         se_allowlist = self.config.get('allowlist', [])
         if se_allowlist:
-- 
2.39.5