Fedora Account System
Red Hat Associate
Red Hat Customer
Description of problem: Files and directories under /var/opt have the wrong context, blocking access and breaking applications. Version-Release number of selected component (if applicable): selinux-policy-42.24-1.fc43.noarch How reproducible: 100% Steps to Reproduce: 1. ls -Zd /var/opt Actual results: > system_u:object_r:usr_t:s0 /var/opt Expected results: > system_u:object_r:var_t:s0 /var/opt Additional info: This is a regression caused here: https://github.com/fedora-selinux/selinux-policy/pull/2917 Upstream bug report: https://github.com/fedora-selinux/selinux-policy/issues/2960 This is breaking third-party software that uses the "opt" namespaces. No known workaround except reverting the above PR.
Any idea on a timeline for a fix here? Do we need to start looking at more permanent workarounds for software that uses /var/opt? The bug has unfortunately propagated to SLES 16, so this is hitting enterprise users now. I'm worried it will show up in RHEL as well soon.