View Issue Details

IDProjectCategoryView StatusLast Update
0017595CentOS-8dracutpublic2020-07-16 17:25
ReporterBlaster 
PrioritynormalSeveritymajorReproducibilityalways
Status newResolutionopen 
Product Version8.2.2004 
Target VersionFixed in Version 
Summary0017595: Enabling FIPS mode on ARM64 causes dracut to fail. Identity Manager logins then fail
DescriptionWhen enabling FIPS mode on arm64, the following errors are displayed:

#>fips-mode-setup --enable

Kernel initramdisks are being regenerated. This might take some time.
dracut: Disabling early microcode, because kernel does not support it. CONFIG_MICROCODE_[AMD|INTEL]!=y
dracut-install: Failed to find module 'xen_netfront'
dracut: FAILED: /usr/lib/dracut/dracut-install -D /var/tmp/dracut.xuGktr/initramfs --kerneldir /lib/modules/4.18.0-193.6.3.el8_2.aarch64/ -m xen_netfront xen-blkfront
Setting system policy to FIPS
Note: System-wide crypto policies are applied on application start-up.
It is recommended to restart the system for the change of policiesto fully take place.
FIPS mode will be enabled.
Please reboot the system for the setting to take effect.

It appears to be attempting to install several INTEL based settings on ARM64 based systems.

After rebooting, we can no longer log in with Identity Manager based authentication accounts.

With CentOS 8.2 on Intel X86_64 we can run this command, reboot, login, everything is fine. There are no error messages on X86_64 systems.
Steps To ReproduceRun "fips-mode-setup --enable"
TagsNo tags attached.

Activities

There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2020-07-16 17:25 Blaster New Issue