Hide Forgot
Description of problem: semanage command failed with updated selinux-policy-targeted Version-Release number of selected component (if applicable): selinux-policy-3.13.1-68.el7.noarch policycoreutils-python-2.5-2.el7.x86_64 policycoreutils-2.5-2.el7.x86_64 selinux-policy-targeted-3.13.1-68.el7.noarch libselinux-2.5-2.el7.x86_64 How reproducible: always Steps to Reproduce: 1. # semanage fcontext --add -t virt_image_t -r s0 "/usr/share/avocado/data/avocado-vt/images(/.*)?" ERROR: policydb version 30 does not match my version range 15-29 ERROR: Unable to open policy //etc/selinux/targeted/policy/policy.30. Traceback (most recent call last): File "/usr/sbin/semanage", line 32, in <module> import seobject File "/usr/lib/python2.7/site-packages/seobject/__init__.py", line 35, in <module> import sepolicy File "/usr/lib64/python2.7/site-packages/sepolicy/__init__.py", line 907, in <module> raise e ValueError: Failed to read //etc/selinux/targeted/policy/policy.30 policy file 2. 3. Actual results: failed Expected results: succeed Additional info: works fine when with policy.29
Generally, it should work: # rpm -qf /etc/selinux/targeted/policy/policy.30 selinux-policy-targeted-3.13.1-68.el7.noarch # semanage fcontext --add -t virt_image_t -r s0 "/usr/share/avocado/data/avocado-vt/images(/.*)?" # We either have a missing dependency or need to make another rebuild. Please provide an output of: $ rpm -q checkpolicy setools policycoreutils libsemanage libselinux libsepol
# rpm -q checkpolicy setools policycoreutils libsemanage libselinux libsepol checkpolicy-2.5-2.el7.x86_64 package setools is not installed policycoreutils-2.5-2.el7.x86_64 libsemanage-2.5-2.1.el7.x86_64 libselinux-2.5-2.el7.x86_64 libsepol-2.5-2.1.el7.x86_64
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHEA-2016-2279.html
hello, I worked on yocto with meta-selinux, and have same issue. Could you let me know which patch work on this issue?
This is not about patch, it is about process of releasing correctly build and published matching versions of policy and userspace in the available repositories. This might occur during some transitional period when there's new policy package but not yet update userspace libraries and/or tools. Normally, this should not happen while using official supported repositories.
For folks googling: You may need to rebuild libselinux as well as libsepol if the policy version fails to match.