Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-81134

Scriptlet errors during installation of selinux-policy package

Linking RHIVOS CVEs to...Migration: Automation ...SWIFT: POC ConversionSync from "Extern...XMLWordPrintable

    • rhel-security-selinux
    • ssg_security
    • 3
    • False
    • False
    • Hide

      None

      Show
      None
    • No
    • None
    • None
    • None
    • Release Note Not Required
    • Unspecified
    • Unspecified
    • Unspecified
    • None

      What were you trying to do that didn't work?

      Installation of selinux-policy package shows the following errors in the configuration phase (excerpt from packaging.log from system installation):

      20:26:13,639 INF packaging: Installed: selinux-policy-38.1.53-2.el9.noarch 1739803462 9e1130d1e0735040baf916fb59cc64cf1b5ccd8a203f5d0c9ca16cd4b0d73f45
20:26:13,678 INF packaging: Configuring (running scriptlet for): selinux-policy-38.1.53-2.el9.noarch 1739803462 9e1130d1e0735040baf916fb59cc64cf1b5ccd8a203f5d0c9ca16cd4b0d73f45
20:26:13,697 INF packaging: Configuring (running scriptlet for): selinux-policy-38.1.53-2.el9.noarch 1739803462 9e1130d1e0735040baf916fb59cc64cf1b5ccd8a203f5d0c9ca16cd4b0d73f45
20:26:13,707 INF dnf.rpm: Error obtaining file context handle: No such file or directory
Error obtaining file context handle: No such file or directory
Error obtaining file context handle: No such file or directory
Error obtaining file context handle: No such file or directory
Error obtaining file context handle: No such file or directory
Error obtaining file context handle: No such file or directory

      I've poked in it a bit in installed system using a wrapper script for the semodule binary running it through strace and found the following, hopefully not mentioning the obvious:

      openat(AT_FDCWD, "/etc/selinux/targeted/contexts/files/file_contexts.subs_dist", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/etc/selinux/targeted/contexts/files/file_contexts.subs", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/etc/selinux/targeted/contexts/files/file_contexts", 0x7ffe92a7f048, 0) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/etc/selinux/targeted/contexts/files/file_contexts.bin", 0x7ffe92a7f0e0, 0) = -1 ENOENT (No such file or directory)
write(2, "Error obtaining file context han"..., 63Error obtaining file context handle: No such file or directory
) = 63

      What is the impact of this issue to you?

      It looks like there's no tangible impact, but there should be no errors present when the package is installed. Furthermore, it triggers false alarms in some of our tests.

      Please provide the package NVR for which the bug is seen:

      selinux-policy-38.1.53-2.el9.noarch

      How reproducible is this bug?:

      Likely always.

      Steps to reproduce

      Either

      1.  Run installation of RHEL-9.6.0-20250222.8 and inspect /var/log/anaconda/packaging.log.

      or

      1. Install RHEL-9.6.0-20250222.8.
      2. dnf -y remove selinux-policy && dnf -y install selinux-policy

      Expected results

      No errors occur during installation of selinux-policy package.

      Actual results

      Error obtaining file context handle: No such file or directory

              rhn-support-zpytela Zdenek Pytela
              rhn-support-jikortus Jiri Kortus
              Zdenek Pytela Zdenek Pytela
              SSG Security QE SSG Security QE
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Created:
                Updated: