{"update": {"autokarma": false, "autotime": false, "stable_karma": 3, "stable_days": 7, "unstable_karma": -3, "require_bugs": true, "require_testcases": true, "display_name": "", "notes": "Update container-selinux to fix kernel issue with rootless podman", "type": "unspecified", "status": "stable", "request": null, "severity": "unspecified", "suggest": "unspecified", "locked": false, "pushed": true, "critpath": false, "critpath_groups": null, "close_bugs": true, "date_submitted": "2021-07-15 18:45:25", "date_modified": null, "date_approved": null, "date_testing": "2021-07-20 01:00:54", "date_stable": "2021-07-28 01:31:34", "alias": "FEDORA-2021-862d1936a6", "test_gating_status": "ignored", "from_tag": null, "date_pushed": "2021-07-28 01:31:34", "meets_testing_requirements": true, "url": "https://bodhi.stg.fedoraproject.org/updates/FEDORA-2021-862d1936a6", "title": "container-selinux-2.163.0-2.fc33", "version_hash": "5b2c7e85023b3333636044ebe7c129794b7f85e9", "release": {"name": "F33", "long_name": "Fedora 33", "version": "33", "id_prefix": "FEDORA", "branch": "f33", "dist_tag": "f33", "stable_tag": "f33-updates", "testing_tag": "f33-updates-testing", "candidate_tag": "f33-updates-candidate", "pending_signing_tag": "f33-signing-pending", "pending_testing_tag": "f33-updates-testing-pending", "pending_stable_tag": "f33-updates-pending", "override_tag": "f33-override", "mail_template": "fedora_errata_template", "state": "archived", "composed_by_bodhi": true, "create_automatic_updates": false, "package_manager": "dnf", "testing_repository": "updates-testing", "released_on": null, "eol": null, "critpath_mandatory_days_in_testing": 14, "mandatory_days_in_testing": 7, "critpath_min_karma": 2, "min_karma": 1, "setting_status": null}, "user": {"name": "dwalsh", "email": "dwalsh@redhat.com", "id": 1643, "avatar": "https://seccdn.libravatar.org/avatar/1c5e583ab8b950eb480915ed4b094dd68fe4e57e7f46a031473ae383bf4d5495?s=24&d=retro", "openid": "dwalsh.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "summer-coding"}, {"name": "container-sig"}, {"name": "cla_redhat"}, {"name": "hgsetroubleshoot"}, {"name": "gitsetroubleshoot"}, {"name": "cvspolicycoreutils"}, {"name": "gitsystem-config-selinux"}, {"name": "gitselinux-policy"}]}, "comments": [{"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by dwalsh. ", "timestamp": "2021-07-15 18:45:25", "update_id": 323253, "user_id": 91, "id": 2118837, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'ignored'.", "timestamp": "2021-07-15 18:45:26", "update_id": 323253, "user_id": 91, "id": 2118838, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'waiting'.", "timestamp": "2021-07-15 18:45:26", "update_id": 323253, "user_id": 91, "id": 2118839, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'ignored'.", "timestamp": "2021-07-15 19:41:21", "update_id": 323253, "user_id": 91, "id": 2118886, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to testing.", "timestamp": "2021-07-16 01:57:42", "update_id": 323253, "user_id": 91, "id": 2119274, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "@dwalsh what is this suppose to address?\n\nUsing podman CI's `hack/get_ci_vm.sh`, manually updating the VM with all latest packages (including kernel), installing this update, then running the podman `int podman fedora-33 root host` tests, I'm still seeing this all over the place:\n\n```\n[BeforeEach] Podman exec\n  /var/tmp/go/src/github.com/containers/podman/test/e2e/exec_test.go:21\n[It] podman exec --privileged with user\n  /var/tmp/go/src/github.com/containers/podman/test/e2e/exec_test.go:311\nRunning: /var/tmp/go/src/github.com/containers/podman/bin/podman --storage-opt vfs.imagestore=/tmp/podman/imagecachedir --root /tmp/podman_test992079153/crio --runroot /tmp/podman_test992079153/crio-run --runtime crun --conmon /usr/bin/conmon --cni-config-dir /etc/cni/net.d --cgroup-manager systemd --tmpdir /tmp/podman_test992079153 --events-backend file --storage-driver vfs run --privileged --user=bin --rm quay.io/libpod/alpine:latest sh -c grep ^CapBnd /proc/self/status | cut -f 2\nError: open /dev/dma_heap: permission denied\n```\n\nFWIW: The **vast** majority (maybe all) of test failures involve the podman `--privileged` argument.", "timestamp": "2021-07-16 16:59:11", "update_id": 323253, "user_id": 4727, "id": 2119891, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "cevich", "email": "cevich@redhat.com", "id": 4727, "avatar": "https://seccdn.libravatar.org/avatar/8fb075bfec22aee1e2ae03437b2eec711d82de524bc1fb225303f9646150c9c1?s=24&d=retro", "openid": "cevich.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "cla_redhat"}]}}, {"karma": -1, "karma_critpath": 0, "text": "", "timestamp": "2021-07-16 17:03:38", "update_id": 323253, "user_id": 4727, "id": 2119892, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "cevich", "email": "cevich@redhat.com", "id": 4727, "avatar": "https://seccdn.libravatar.org/avatar/8fb075bfec22aee1e2ae03437b2eec711d82de524bc1fb225303f9646150c9c1?s=24&d=retro", "openid": "cevich.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "cla_redhat"}]}}, {"karma": 0, "karma_critpath": 0, "text": "Bodhi is disabling automatic push to stable due to negative karma. The maintainer may push manually if they determine that the issue is not severe.", "timestamp": "2021-07-16 17:03:38", "update_id": 323253, "user_id": 91, "id": 2119893, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "That is an selinux-policy issue nothing to do with this package.  But anyways this package was broken and a new version should be showing up.\n\nThe dma_heap, problem should be fixed by updating to the latest selinux-policy package.", "timestamp": "2021-07-16 17:54:05", "update_id": 323253, "user_id": 1643, "id": 2119917, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "dwalsh", "email": "dwalsh@redhat.com", "id": 1643, "avatar": "https://seccdn.libravatar.org/avatar/1c5e583ab8b950eb480915ed4b094dd68fe4e57e7f46a031473ae383bf4d5495?s=24&d=retro", "openid": "dwalsh.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "summer-coding"}, {"name": "container-sig"}, {"name": "cla_redhat"}, {"name": "hgsetroubleshoot"}, {"name": "gitsetroubleshoot"}, {"name": "cvspolicycoreutils"}, {"name": "gitsystem-config-selinux"}, {"name": "gitselinux-policy"}]}}, {"karma": 1, "karma_critpath": 0, "text": "> nothing to do with this package\n\nOkay, you would know best.  I'll flip karma positive then, since I didn't notice anything else but the dma_heap problem.\n\n> The dma_heap, problem should be fixed by updating to the latest selinux-policy package.\n\nSo I guess we're still waiting for the selinux-policy update then?  The testing I ran was on a fully updated VM (as of a few hours ago).", "timestamp": "2021-07-16 18:28:35", "update_id": 323253, "user_id": 4727, "id": 2119927, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "cevich", "email": "cevich@redhat.com", "id": 4727, "avatar": "https://seccdn.libravatar.org/avatar/8fb075bfec22aee1e2ae03437b2eec711d82de524bc1fb225303f9646150c9c1?s=24&d=retro", "openid": "cevich.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "cla_redhat"}]}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been unpushed.", "timestamp": "2021-07-16 18:36:16", "update_id": 323253, "user_id": 1643, "id": 2119931, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "dwalsh", "email": "dwalsh@redhat.com", "id": 1643, "avatar": "https://seccdn.libravatar.org/avatar/1c5e583ab8b950eb480915ed4b094dd68fe4e57e7f46a031473ae383bf4d5495?s=24&d=retro", "openid": "dwalsh.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "summer-coding"}, {"name": "container-sig"}, {"name": "cla_redhat"}, {"name": "hgsetroubleshoot"}, {"name": "gitsetroubleshoot"}, {"name": "cvspolicycoreutils"}, {"name": "gitsystem-config-selinux"}, {"name": "gitselinux-policy"}]}}, {"karma": 0, "karma_critpath": 0, "text": "Chris if you try out \nselinux-policy-3.14.6-39.fc33  and update karma it should get pushed, but it looks like it will be released this weekend.", "timestamp": "2021-07-16 18:42:25", "update_id": 323253, "user_id": 1643, "id": 2119940, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "dwalsh", "email": "dwalsh@redhat.com", "id": 1643, "avatar": "https://seccdn.libravatar.org/avatar/1c5e583ab8b950eb480915ed4b094dd68fe4e57e7f46a031473ae383bf4d5495?s=24&d=retro", "openid": "dwalsh.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "summer-coding"}, {"name": "container-sig"}, {"name": "cla_redhat"}, {"name": "hgsetroubleshoot"}, {"name": "gitsetroubleshoot"}, {"name": "cvspolicycoreutils"}, {"name": "gitsystem-config-selinux"}, {"name": "gitselinux-policy"}]}}, {"karma": 0, "karma_critpath": 0, "text": "Ref: https://bodhi.fedoraproject.org/updates/FEDORA-2021-3b341e9e71\n\nTesting with this, and that on a fully updated F33 VM.", "timestamp": "2021-07-16 22:20:36", "update_id": 323253, "user_id": 4727, "id": 2120140, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "cevich", "email": "cevich@redhat.com", "id": 4727, "avatar": "https://seccdn.libravatar.org/avatar/8fb075bfec22aee1e2ae03437b2eec711d82de524bc1fb225303f9646150c9c1?s=24&d=retro", "openid": "cevich.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "cla_redhat"}]}}, {"karma": 1, "karma_critpath": 0, "text": "Confirmed, all issues fixed with these two updates, only flakes remain.", "timestamp": "2021-07-17 16:06:04", "update_id": 323253, "user_id": 4727, "id": 2120791, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "cevich", "email": "cevich@redhat.com", "id": 4727, "avatar": "https://seccdn.libravatar.org/avatar/8fb075bfec22aee1e2ae03437b2eec711d82de524bc1fb225303f9646150c9c1?s=24&d=retro", "openid": "cevich.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "cla_redhat"}]}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by dwalsh. ", "timestamp": "2021-07-19 14:38:06", "update_id": 323253, "user_id": 91, "id": 2122427, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to testing.", "timestamp": "2021-07-20 01:01:47", "update_id": 323253, "user_id": 91, "id": 2122873, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update can be pushed to stable now if the maintainer wishes", "timestamp": "2021-07-27 01:03:02", "update_id": 323253, "user_id": 91, "id": 2131029, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for stable by dwalsh. ", "timestamp": "2021-07-27 17:58:48", "update_id": 323253, "user_id": 91, "id": 2132833, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to stable.", "timestamp": "2021-07-28 01:32:08", "update_id": 323253, "user_id": 91, "id": 2139414, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}], "builds": [{"nvr": "container-selinux-2.163.0-2.fc33", "signed": true, "release_id": 40, "type": "rpm", "epoch": 2}], "bugs": [], "updateid": "FEDORA-2021-862d1936a6", "karma": 1, "content_type": "rpm", "test_cases": []}, "can_edit": false, "ci_allowed": false}