Hide Forgot
Description of problem: During ipa upgrade process from RHEL 7.0 to RHEL 7.3, semodule: Failed! message is displayed while updating selinux-policy-targeted package. Version-Release number of selected component (if applicable): selinux-policy-targeted-3.13.1-100.el7.noarch How reproducible: Always Steps to Reproduce: 1. Setup IPA server on RHEL 7.0 2. Setup repo links for RHEL 7.3 in order to upgrade ipa server(in my case ipa-server.x86_64 0:4.4.0-9.el7). 3. Initiate upgrade prcess by running command "yum -y update 'ipa*' sssd" Actual results: 1. After step3, Yum update process completes successfully, and ipa server is updated successfully. 2. During yum process following message is displayed at console: Updating : selinux-policy-3.13.1-100.el7.noarch 92/271 Updating : selinux-policy-targeted-3.13.1-100.el7.noarch 93/271 Re-declaration of type pkcsslotd_t Failed to create node Bad type declaration at /etc/selinux/targeted/tmp/modules/400/pkcsslotd/cil:1 semodule: Failed! Updating : bind-dyndb-ldap-10.0-5.el7.x86_64 94/271 Enabling SELinux boolean named_write_master_zones Updating : setools-libs-3.3.8-1.1.el7.x86_64 95/271 Updating : policycoreutils-python-2.5-8.el7.x86_64 96/271 Updating : pytalloc-2.1.6-1.el7.x86_64 Expected results: No error message should be observed.
Correction for IPA server version used in my case it is : IPA server version: ipa-server-4.4.0-12.el7.x86_64 Bind-ldap: bind-dyndb-ldap-10.0-5.el7.x86_64
Seems that pkcsslotd module was renamed to pkcs since RHEL-7.0 so the module store upgrade script can't correctly move it to the new store and creates a duplicate with priority 400.