Description of problem: When upgrading from selinux-policy-strict-2.6.4-42 to selinux-policy-strict-2.6.4-43, I got the messages: /etc/selinux/strict/contexts/files/file_contexts: Multiple different specifications for /usr/bin/apt-get (system_u:object_r:rpm_exec_t:s0 and system_u:object_r:apt_exec_t:s0). /etc/selinux/strict/contexts/files/file_contexts: Multiple different specifications for /usr/bin/apt-shell (system_u:object_r:rpm_exec_t:s0 and system_u:object_r:apt_exec_t:s0). /etc/selinux/strict/contexts/files/file_contexts: Multiple different specifications for /usr/sbin/synaptic (system_u:object_r:rpm_exec_t:s0 and system_u:object_r:apt_exec_t:s0). Neither targeted nor mls policies had this issue. Version-Release number of selected component (if applicable): 2.6.4-43 How reproducible: 50% It happened on one of two systems I upgraded. Steps to Reproduce: 1. Update selinux-policy-strict to 2.6.4-43 Actual results: Update occurred with the error messages above. Expected results: No error messages while updating. Additional info: Both systems had synaptics-0.14.4-8.fc6 installed. The systems do have different package sets installed on them, so they aren't identical.
Do you see an apt policy installed semodule -r apt -s strict
On the machine where I saw the error message, when running "semodule -r apt -s strict", I just got a prompt back. Just for the heck of it, I tried "semodule -r apt -s targeted", and got the following message: libsemanage.semanage_direct_remove: Module apt was not found. semodule: Failed on apt! I'll probably get a chance to test this on the machine where I didn't get the message during the update tonight.
That means that somewhere along the line someone installed the apt policy on your machine, for strict policy. It is removed now, so updating to strict policy should work. BTW, if you do not use strict policy, just remove it from the system, rpm -e selinux-policy-strict