[DSE-Dev] Bug#1098793: semodule-utils 3.8-1 breaks selinux-policy-default all: Re-declaration of role unconfined_r
Martin Pitt
mpitt at debian.org
Mon Feb 24 09:58:15 GMT 2025
Package: semodule-utils
Version: 3.8-1
Severity: serious
Hello,
The most recent semodule-utils update rendered the current
selinux-policy-default 2:2.20250115-1 uninstallable.
With the previous semodule-utils 3.7-1,
apt install --reinstall selinux-policy-default
works fine. But after updating to semodule-utils 3.8-1, that command fails with
| Re-declaration of role unconfined_r
| Previous declaration of role at /var/lib/selinux/default/tmp/modules/100/unconfined/cil:5
| Bad role declaration at /var/lib/selinux/default/tmp/modules/100/unconfined/cil:5
| Failed to build AST
| semodule: Failed!
| failed.
| dpkg: error processing package selinux-policy-default (--configure):
| installed selinux-policy-default package post-installation script subprocess returned error exit status 1
Note that the file /var/lib/selinux/default/tmp/modules/100/unconfined/cil is processed twice.
The invocation of semodules by selinux-policy-default.postinst looks correct
and does not have duplicated arguments.
Obviously, please feel free to reassign this to selinux-policy-default if that
needs an update.
Thanks!
Martin
More information about the SELinux-devel
mailing list