~~If host system is not using SElinux, --addkey param needs to be used with --relabel or just disable selinux with --selinux=OFF for manually added ssh key to work.~~
--addkey
--relabel
--selinux=OFF
~~--relabel is just working for Minimal & Server arm images. There must be another solution for the IOT image.~~
Ignore what is written above. I am not an expert and my suggestion is not good for security like @pbrobinson wrote.
Discustion about this problem is here: https://matrix.to/#/!GjCbAiaDPJqDDSqWlc:matrix.org/$QMxA8n-dPVzbiw03lOyt4EKTi5yhVVrUmCWkmPClDKY?via=libera.chat&via=matrix.org&via=fedora.im
Complete NACK on "just disable selinux", that provides key security functionality which is important on IoT. We also don't want to relabel unnecessarily as that's also an expensive option, we would want some way to do that with some insight. Patches welcome (that don't just disable selinux)
Metadata Update from @pbrobinson: - Issue close_status updated to: Can't Fix - Issue status updated to: Closed (was: Open)
Log in to comment on this ticket.