New F35 selinux-policy build. This update fixes a problem with the previous build when packages with custom selinux modules were installed, causing the custom module not to be active.
Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:
sudo dnf upgrade --refresh --advisory=FEDORA-2022-87a0b7e8d0
Please login to add feedback.
This update has been submitted for testing by zpytela.
This update's test gating status has been changed to 'waiting'.
Note the update from selinux-policy-35.10-1.fc35 will still report:
Running transaction Running scriptlet: selinux-policy-targeted-35.11-1.fc35.noarch 1/1 Preparing : 1/1 Upgrading : selinux-policy-35.11-1.fc35.noarch 1/4 Running scriptlet: selinux-policy-35.11-1.fc35.noarch 1/4 Problems processing filecon rules Failed post db handling Post process failed /usr/sbin/semodule: Failed!
but it should finish sucessfully and with the previously inactive modules active again.
That was fast ! Works without all the issues mentioned in versions 35.9 and 35.10 ! Thank you very much @zpytela !
Also, the update process is back to normal - it was quick as usual ... what you mentioned in your note did not occur.
@zpytela thanks for the quick turnaround. Could you build this for Rawhide too? Thanks!
LGTM. Installed from Koji.
I manually ran
semodule -nB
and it seems thatcockpit
andmiscfiles
are listed insemodule -l
. However, as described, the command failed (See comments on https://bodhi.fedoraproject.org/updates/FEDORA-2022-41fa7610dd).I still get the
Regex version mismatch
when runningsu
.This is much better for me but I'm not using cockpit so I'll defer karma until someone mentions that cockpit's OK.
The openQA tests that failed on 35.10 pass on 35.11.
cockpit seems to work fine. (I didn't install the update, but ran the command from the package)
but the other issues remain.
This update's test gating status has been changed to 'failed'.
@adamwill, I already initiated the build some time ago, this time CI cannot even make a scratchbuild.
Excellent! None of the issues as seen with the previous release on any of my machines.
Didn't have issues with Cockpit following last release, but this has restored Podman container functionality for me.
This update's test gating status has been changed to 'passed'.
This update seems to undo all the issues -9 and -10 created, at least as far as I can tell. Just like cbrannan mentions this restored podman functionality, thankfully.
This update has been submitted for stable by bodhi.
After applying update from koji, the
Regex version mismatch
is fixed for me as well. Looks good. Thank you for the quick fix.@zpytela I'm not sure what you mean about CI, but there definitely isn't any 35.11 build for Rawhide logged anywhere, and the Rawhide dist-git repo is still at 35.10, no 35.11 bump has even been committed. The same problems we had in F35 showed up in today's Rawhide compose, so it'd be good to have them fixed in Rawhide too.
@zpytela compared to the f35 branch, it looks like the rawhide branch has the "Force a rebuild of policy unconditionally" commit, but not the "* Wed Jan 19 2022 Zdenek Pytela zpytela@redhat.com - 35.11-1" commit.
@adamwill, that's it - for a new build we use a PR and a CI pipeline is run to execute selected tests. It has just successfully finished, so a rawhide build should be there in an hour or so.
This update has been pushed to stable.
WFM, regex message solved.
Updating to 35.11 resolved my selinux related problems that started when I updated from .8 -> .10. I had run an autorelabel on .10 which seemed to make things worse so I ran it again after updating to .11 and I can login my system normally again and the frequent selinux alerts went away.