Description of problem: Update of selinux-policy-targeted policy removes locally set security rules. Version-Release number of selected component (if applicable): All version contained in Fedora 23. How reproducible: After every dnf update containing new selinux-policy-targeted package. Steps to Reproduce: 1. Create some local rules by using semanage fcontext. 2. Rules are contained in /etc/selinux/targeted/context/files/file_contexts.local file. 3. After selinux-policy-targeted update the file /etc/selinux/targeted/context/files/file_contexts.local does not contain created rules. Actual results: Locally created rules do not survive selinux-policy-targeted update since upgrade to Fedora 23. Expected results: Locally created rules survive selinux-policy-targeted update. Additional info:
We added fixes for this issue. What does rpm -qf selinux-policy-targeted
Command rpm -qf selinux-policy-targeted is non-sense. It would try to detect package which owns selinux-policy-targeted file. You probably mean rpm -qi selinux-policy-targeted: Name : selinux-policy-targeted Version : 3.13.1 Release : 155.fc23 Architecture: noarch Install Date: Pi 27. november 2015, 08:03:11 CET Group : System Environment/Base Size : 11231582 License : GPLv2+ Signature : RSA/SHA256, Ne 22. november 2015, 02:02:05 CET, Key ID 32474cf834ec9cba Source RPM : selinux-policy-3.13.1-155.fc23.src.rpm Build Date : Pi 20. november 2015, 14:08:41 CET Build Host : arm02-builder01.arm.fedoraproject.org Relocations : (not relocatable) Packager : Fedora Project Vendor : Fedora Project URL : http://github.com/TresysTechnology/refpolicy/wiki Summary : SELinux targeted base policy Description : SELinux Reference policy targeted base module. I fixed permissions on 9-th of November 2015 and the issue appeared again. I am not sure whether it was caused by latest update on 27-th of November. Maybe another update between the dates caused it. Was there some update these days and was the bug fixed afterwards?
Issue appeared again with fresh update today. I updated to selinux-policy-targeted-3.13.1-157.fc23.noarch.
Ok this is a different issue.
*** This bug has been marked as a duplicate of bug 1291601 ***