0000136: container-selinux doesn't remove selinux modules - MantisBT

ID	Project	Category	View Status	Date Submitted	Last Update

0000136	AlmaLinux-8	selinux-policy	public	2021-10-22 11:30	2021-11-08 09:31

Reporter	joystick	Assigned To
Priority	normal	Severity	minor	Reproducibility	always
Status	new	Resolution	open
OS	AlmaLinux	OS Version	8.4

Summary	0000136: container-selinux doesn't remove selinux modules
Description	Package container-selinux doesn't remove the selinux modules it installs. Why is this happening? Beacuse the package is trying to remove the module with the wrong priority.
Steps To Reproduce	Before installation container-selinux package: root@alma:~ dnf list installed \| grep container-selinux root@alma:~ semodule -l \| grep container Aftef installation: root@alma:~ dnf list installed \| grep container-selinux container-selinux.noarch 2:2.167.0-1.module_el8.4.0+2535+b6fd1bdf @AppStream root@alma:~ semodule -l \| grep container container pcpupstream-container After remove package: root@alma:~ dnf remove container-selinux Dependencies resolved. =========================================================================================================================================================================================================== Package Architecture Version Repository Size =========================================================================================================================================================================================================== Removing: container-selinux noarch 2:2.167.0-1.module_el8.4.0+2535+b6fd1bdf @AppStream 48 k Transaction Summary =========================================================================================================================================================================================================== Remove 1 Package Freed space: 48 k Is this ok [y/N]: y Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Preparing : 1/1 Running scriptlet: container-selinux-2:2.167.0-1.module_el8.4.0+2535+b6fd1bdf.noarch 1/1 Erasing : container-selinux-2:2.167.0-1.module_el8.4.0+2535+b6fd1bdf.noarch 1/1 Running scriptlet: container-selinux-2:2.167.0-1.module_el8.4.0+2535+b6fd1bdf.noarch 1/1 Verifying : container-selinux-2:2.167.0-1.module_el8.4.0+2535+b6fd1bdf.noarch 1/1 Removed: container-selinux-2:2.167.0-1.module_el8.4.0+2535+b6fd1bdf.noarch Complete! root@alma:~ dnf list installed \| grep container-selinux root@alma:~ semodule -l \| grep container container pcpupstream-container Package is trying to remove the module with the wrong priority: root@alma:/var/lib/selinux/targeted/active/modules/200 ls \| grep container drwx------. 2 root root 44 Oct 21 11:28 container root@alma:~ semodule -r container libsemanage.semanage_direct_remove_key: Unable to remove module container at priority 400. (No such file or directory). semodule: Failed! root@alma:~ semodule -X 200 -r container libsemanage.semanage_direct_remove_key: Removing last container module (no other container module exists at another priority).
Tags	selinux

abrt_hash
URL

alukoshko 2021-11-08 09:04 administrator ~0000375	Hi. Could you try to reproduce this on CentOS 8 and CentOS Stream 8? If it's upstream bug then we have to submit it to Red Hat.

joystick 2021-11-08 09:31 reporter ~0000376	Hi, I managed to reproduce this problem on CentOS 8 (Linux), I haven't tested it on stream.

Date Modified	Username	Field	Change
2021-10-22 11:30	joystick	New Issue
2021-10-22 11:30	joystick	Tag Attached: selinux
2021-11-08 09:04	alukoshko	Note Added: 0000375
2021-11-08 09:31	joystick	Note Added: 0000376