Bug 1600242
Summary: | scriptlet failure when upgrading contianer-selinux | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Lukas Slebodnik <lslebodn> |
Component: | libsemanage | Assignee: | Petr Lautrbach <plautrba> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 29 | CC: | amurdaca, dwalsh, fkluknav, jchaloup, lsm5, lvrabec, mgrepl, plautrba, vmojzis |
Target Milestone: | --- | Keywords: | Reopened |
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | libsemanage-2.8-3.fc29 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2018-09-25 14:24:16 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Lukas Slebodnik
2018-07-11 19:56:13 UTC
Update your version of libsemanage dnf update libsemanage dnf reinstall container-selinux It did not help (And I already had latest libsemanage when I reported this bug) [root@host ~]# rpm -q libsemanage libsemanage-2.8-2.fc29.x86_64 [root@host ~]# dnf reinstall container-selinux Last metadata expiration check: 3:17:57 ago on Fri 13 Jul 2018 11:21:36 AM CEST. Dependencies resolved. ================================================================================ Package Arch Version Repository Size ================================================================================ Reinstalling: container-selinux noarch 2:2.67-2.git042f7cf.fc29 rawhide 43 k Transaction Summary ================================================================================ Total download size: 43 k Installed size: 37 k Is this ok [y/N]: y Downloading Packages: container-selinux-2.67-2.git042f7cf.fc29.noarch 142 kB/s | 43 kB 00:00 -------------------------------------------------------------------------------- Total 32 kB/s | 43 kB 00:01 Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Preparing : 1/1 Reinstalling : container-selinux-2:2.67-2.git042f7cf.fc29.noarch 1/2 Running scriptlet: container-selinux-2:2.67-2.git042f7cf.fc29.noarch 1/2 neverallow check failed at /var/lib/selinux/targeted/tmp/modules/100/base/cil:9194 (neverallow base_typeattr_7 unlabeled_t (file (entrypoint))) <root> allow at /var/lib/selinux/targeted/tmp/modules/200/container/cil:1580 (allow spc_t unlabeled_t (file (entrypoint))) <root> allow at /var/lib/selinux/targeted/tmp/modules/100/sandboxX/cil:866 (allow sandbox_x_domain exec_type (file (entrypoint))) <root> allow at /var/lib/selinux/targeted/tmp/modules/100/virt/cil:1678 (allow virtd_lxc_t exec_type (file (entrypoint))) <root> allow at /var/lib/selinux/targeted/tmp/modules/100/virt/cil:2069 (allow svirt_sandbox_domain exec_type (file (entrypoint))) Failed to generate binary /usr/sbin/semodule: Failed! Running scriptlet: container-selinux-2:2.67-2.git042f7cf.fc29.noarch 2/2 Verifying : container-selinux-2:2.67-2.git042f7cf.fc29.noarch 1/2 Verifying : container-selinux-2:2.67-2.git042f7cf.fc29.noarch 2/2 Reinstalled: container-selinux-2:2.67-2.git042f7cf.fc29.noarch Complete! This is a problem in libsemanage then. You can fix it simply by editing the /etc/selinux/semanage.conf file and changing the expand-check value to 0. expand-check=0 This should not be turned on in Rawhide. It should only be turned on for selinux-policy builds. This bug appears to have been reported against 'rawhide' during the Fedora 29 development cycle. Changing version to '29'. |