Bug 1494829

Summary: Upgrade of selinux-policy produce unnecessary output
Product: [Fedora] Fedora Reporter: Lukas Slebodnik <lslebodn>
Component: selinux-policyAssignee: Lukas Vrabec <lvrabec>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 27CC: dwalsh, lsm5, lvrabec, mgrepl, plautrba, pmoore
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: selinux-policy-3.13.1-283.14.fc27 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
: 1496339 (view as bug list) Environment:
Last Closed: 2017-10-31 15:35:07 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1496339    

Description Lukas Slebodnik 2017-09-23 12:28:28 UTC 
Description of problem:
I assume it is caused by other 

Version-Release number of selected component (if applicable):
sh$ rpm -q selinux-policy
selinux-policy-3.13.1-283.3.fc27.noarch

How reproducible:
Deterministic

Steps to Reproduce:
1. dnf update selinux-policy

Actual results:
[root@graviton ~]# dnf update cmake* selinux-*
Last metadata expiration check: 1:19:32 ago on Sat 23 Sep 2017 01:02:07 PM CEST.
Dependencies resolved.
================================================================================
 Package                   Arch     Version             Repository         Size
================================================================================
Upgrading:
 selinux-policy            noarch   3.13.1-283.4.fc27   updates-testing   510 k
 selinux-policy-devel      noarch   3.13.1-283.4.fc27   updates-testing   1.3 M
 selinux-policy-targeted   noarch   3.13.1-283.4.fc27   updates-testing    10 M

Transaction Summary
================================================================================
Upgrade  3 Packages

Total download size: 21 M
Is this ok [y/N]: y
Downloading Packages:
(1/6): cmake-data-3.9.1-4.fc27_3.9.3-1.fc27.noa 6.1 MB/s | 365 kB     00:00    
(2/6): selinux-policy-devel-3.13.1-283.3.fc27_3 6.9 MB/s | 569 kB     00:00    
(3/6): cmake-filesystem-3.9.3-1.fc27.x86_64.rpm 6.0 MB/s |  36 kB     00:00    
(4/6): selinux-policy-3.13.1-283.4.fc27.noarch.  20 MB/s | 510 kB     00:00    
(5/6): selinux-policy-targeted-3.13.1-283.3.fc2  23 MB/s | 4.3 MB     00:00    
(6/6): cmake-3.9.3-1.fc27.x86_64.rpm             39 MB/s | 7.4 MB     00:00    
[DRPM 1/3] selinux-policy-devel-3.13.1-283.3.fc27_3.13.1-283.4.fc27.noarch.drpm: done
[DRPM 2/3] cmake-data-3.9.1-4.fc27_3.9.3-1.fc27.noarch.drpm: done              
/var/cache/dnf/updates-testing-964cea7e3a4152f5/packages/selinux-policy-targeted-3.13.1-283.3.fc27_3.13.1-283.4.fc27.noarch.drpm: md5 mismatch of result
Some packages were not downloaded. Retrying.
selinux-policy-targeted-3.13.1-283.4.fc27.noarc  55 MB/s |  10 MB     00:00    
--------------------------------------------------------------------------------
Total                                           4.3 MB/s |  23 MB     00:05     
Failed Delta RPMs increased 20.9 MB of updates to 23.5 MB (-12.1% wasted)
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                        1/1 
  Upgrading        : selinux-policy-3.13.1-283.4.fc27.noarch               1/6 
  Running scriptlet: selinux-policy-3.13.1-283.4.fc27.noarch               1/6 
  Running scriptlet: selinux-policy-targeted-3.13.1-283.4.fc27.noarch      2/6 
  Upgrading        : selinux-policy-targeted-3.13.1-283.4.fc27.noarch      2/6 
  Running scriptlet: selinux-policy-targeted-3.13.1-283.4.fc27.noarch      2/6 
skipping the directory /sys
skipping the directory /proc
skipping the directory /dev
skipping the directory /run
skipping the directory /mnt
skipping the directory /var/tmp
skipping the directory /home
skipping the directory /tmp
skipping the directory /dev
  Upgrading        : selinux-policy-devel-3.13.1-283.4.fc27.noarch         3/6 
  Running scriptlet: selinux-policy-devel-3.13.1-283.4.fc27.noarch         3/6 
  Cleanup          : selinux-policy-devel-3.13.1-283.3.fc27.noarch         4/6 
  Cleanup          : selinux-policy-targeted-3.13.1-283.3.fc27.noarch      5/6 
  Cleanup          : selinux-policy-3.13.1-283.3.fc27.noarch               6/6 
  Running scriptlet: selinux-policy-3.13.1-283.3.fc27.noarch               6/6 
  Verifying        : selinux-policy-3.13.1-283.4.fc27.noarch               1/6 
  Verifying        : selinux-policy-targeted-3.13.1-283.4.fc27.noarch      2/6 
  Verifying        : selinux-policy-devel-3.13.1-283.4.fc27.noarch         3/6 
  Verifying        : selinux-policy-targeted-3.13.1-283.3.fc27.noarch      4/6 
  Verifying        : selinux-policy-3.13.1-283.3.fc27.noarch               5/6 
  Verifying        : selinux-policy-devel-3.13.1-283.3.fc27.noarch         6/6 

Upgraded:
  selinux-policy.noarch 3.13.1-283.4.fc27                                       
  selinux-policy-devel.noarch 3.13.1-283.4.fc27                                 
  selinux-policy-targeted.noarch 3.13.1-283.4.fc27                              

Complete!


Expected results:
Output without info about skipping some directories.
Comment 1 Petr Lautrbach 2017-09-25 15:10:45 UTC 
Unfortunately, the current version of fixfiles can't suppress its output. The following change should fix it for selinux-policy package:

--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -286,7 +286,7 @@ rm -f %{buildroot}%{_sharedstatedir}/selinux/%1/active/*.linked \
 FILE_CONTEXT=%{_sysconfdir}/selinux/%1/contexts/files/file_contexts; \
 /usr/sbin/selinuxenabled; \
 if [ $? = 0  -a "${SELINUXTYPE}" = %1 -a -f ${FILE_CONTEXT}.pre ]; then \
-     /sbin/fixfiles -C ${FILE_CONTEXT}.pre restore 2> /dev/null; \
+     /sbin/fixfiles -C ${FILE_CONTEXT}.pre restore 2> /dev/null > /dev/null; \
      rm -f ${FILE_CONTEXT}.pre; \
 fi; \
 if /sbin/restorecon -e /run/media -R /root /var/log /var/run /etc/passwd* /etc/group* /etc/*shadow* 2> /dev/null;then \
Comment 2 Lukas Slebodnik 2017-09-25 15:16:18 UTC 
(In reply to Petr Lautrbach from comment #1)
> Unfortunately, the current version of fixfiles can't suppress its output.
> The following change should fix it for selinux-policy package:
>

Then I would rather consider tis BZ as RFE for policycoreutils(fixfiles) :-)
Comment 3 Petr Lautrbach 2017-09-27 06:24:46 UTC 
Lets try both.
Comment 4 Lukas Vrabec 2017-09-27 08:06:15 UTC 
Thanks Petr for patch.
Comment 5 Fedora Update System 2017-10-25 10:12:17 UTC 
selinux-policy-3.13.1-283.13.fc27 has been submitted as an update to Fedora 27. https://bodhi.fedoraproject.org/updates/FEDORA-2017-b5e9ce60d2
Comment 6 Fedora Update System 2017-10-27 18:45:20 UTC 
selinux-policy-3.13.1-283.14.fc27 has been pushed to the Fedora 27 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-b5e9ce60d2
Comment 7 Fedora Update System 2017-10-31 15:35:07 UTC 
selinux-policy-3.13.1-283.14.fc27 has been pushed to the Fedora 27 stable repository. If problems still persist, please make note of it in this bug report.