What were you trying to do that didn't work?

We are using an minimal os installation without policycoreutils and policycoreutils-python-utils. selinux is disabled. (selinux=0)

Starting the systemd update 252-33.el9.x86_64 this is not possible anymore.

Please provide the package NVR for which bug is seen:

systemd-252-33.el9.x86_64
https://gitlab.com/redhat/centos-stream/rpms/systemd/-/commit/ce6f3446e8680eeb37f485cde12b9ce91b61ece5

How reproducible:

Update to latest compose (20240506) and recognize the additional packages/requirements.

> rpm -qp systemd-252-33.el9.x86_64.rpm --requires |grep ^policy
policycoreutils
policycoreutils-python-utils 

Alternatively try to install a fresh system with the following kickstart package selection:

%packages --exclude-weakdeps
@core
bzip2
dmidecode
glibc-langpack-en
ksh
tar
wget
-audit
-biosdevname
-dnf-plugins-core
-dracut-config-rescue
-firewalld
-firewalld-filesystem
-iwl*firmware
-iproute-tc
-langpacks*
-lshw
-NetworkManager-team
-policycoreutils
-prefixdevname
-rpm-plugin-selinux
-selinux-policy
-selinux-policy-targeted
-sssd-client
-sssd-common
-sssd-kcm
%end 

Expected results

Systems should be possible to install without policycoreutils and policycoreutils-python-utils. At least policycoreutils-python-utils should be optional.

Actual results

policycoreutils and policycoreutils-python-utils are required.

If I understand https://fedoraproject.org/wiki/SELinux/IndependentPolicy currently selinux policies should be independent of the base package?