SELinux RPM scriplet issue annoucement
Michael Schwendt
mschwendt at gmail.com
Sun Jan 19 23:14:42 UTC 2014
Anyone not aware of the problem and the fix, who applies the -117.fc20
selinux-policy update in _enforcing_ mode (since it has entered stable
updates meanwhile) believing it to be a normal update, will face another
failure and a partial update. Package selinux-policy updated
to -117.fc20 but -targeted remaining at -116.fc20.
Fixing that with the instructions in the Wiki wouldn't work,
# yum update selinux-policy
Loaded plugins: auto-update-debuginfo, langpacks, refresh-packagekit
No packages marked for update
since selinux-policy package is up-to-date. The enhanced fix that adds
'\*' works also for this extra problem:
setenforce 0
yum clean expire-cache
yum update selinux-policy\*
setenforce 1
[...]
Here's the full reproducer:
# yum update
Loaded plugins: auto-update-debuginfo, langpacks, refresh-packagekit
Resolving Dependencies
--> Running transaction check
---> Package selinux-policy.noarch 0:3.12.1-116.fc20 will be updated
---> Package selinux-policy.noarch 0:3.12.1-117.fc20 will be an update
---> Package selinux-policy-targeted.noarch 0:3.12.1-116.fc20 will be updated
---> Package selinux-policy-targeted.noarch 0:3.12.1-117.fc20 will be an update
--> Finished Dependency Resolution
Dependencies Resolved
================================================== ==============================
Package Arch Version Repository Size
================================================== ==============================
Updating:
selinux-policy noarch 3.12.1-117.fc20 updates 316 k
selinux-policy-targeted noarch 3.12.1-117.fc20 updates 3.6 M
Transaction Summary
================================================== ==============================
Upgrade 2 Packages
Total download size: 3.9 M
Is this ok [y/d/N]: y
Downloading packages:
updates/20/x86_64/prestodelta | 1.3 MB 00:02
(1/2): selinux-policy-3.12.1-117.fc20.noarch.rpm | 316 kB 00:04
(2/2): selinux-policy-targeted-3.12.1-117.fc20.noarch.rpm | 3.6 MB 00:04
--------------------------------------------------------------------------------
Total 868 kB/s | 3.9 MB 00:04
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Warning: RPMDB altered outside of yum.
Updating : selinux-policy-3.12.1-117.fc20.noarch 1/4
warning: %post(selinux-policy-3.12.1-117.fc20.noarch) scriptlet failed, exit status 127
Non-fatal POSTIN scriptlet failure in rpm package selinux-policy-3.12.1-117.fc20.noarch
warning: %triggerin(selinux-policy-3.12.1-117.fc20.noarch) scriptlet failed, exit status 127
Non-fatal <unknown> scriptlet failure in rpm package selinux-policy-3.12.1-117.fc20.noarch
error: %pre(selinux-policy-targeted-3.12.1-117.fc20.noarch) scriptlet failed, exit status 127
Error in PREIN scriptlet in rpm package selinux-policy-targeted-3.12.1-117.fc20.noarch
Cleanup : selinux-policy-3.12.1-116.fc20.noarch 3/4
error: selinux-policy-targeted-3.12.1-117.fc20.noarch: install failed
error: selinux-policy-targeted-3.12.1-116.fc20.noarch: erase skipped
warning: %postun(selinux-policy-3.12.1-116.fc20.noarch) scriptlet failed, exit status 127
Non-fatal POSTUN scriptlet failure in rpm package selinux-policy-3.12.1-116.fc20.noarch
Verifying : selinux-policy-3.12.1-117.fc20.noarch 1/4
selinux-policy-targeted-3.12.1-116.fc20.noarch was supposed to be removed but is not!
Verifying : selinux-policy-targeted-3.12.1-116.fc20.noarch 2/4
Verifying : selinux-policy-3.12.1-116.fc20.noarch 3/4
Verifying : selinux-policy-targeted-3.12.1-117.fc20.noarch 4/4
Updated:
selinux-policy.noarch 0:3.12.1-117.fc20
Failed:
selinux-policy-targeted.noarch 0:3.12.1-116.fc20
selinux-policy-targeted.noarch 0:3.12.1-117.fc20
Complete!
# rpm -qa selinux-policy\*
selinux-policy-targeted-3.12.1-116.fc20.noarch
selinux-policy-3.12.1-117.fc20.noarch
# yum update selinux-policy
Loaded plugins: auto-update-debuginfo, langpacks, refresh-packagekit
No packages marked for update
# yum update selinux-policy\*
Loaded plugins: auto-update-debuginfo, langpacks, refresh-packagekit
Resolving Dependencies
--> Running transaction check
---> Package selinux-policy-targeted.noarch 0:3.12.1-116.fc20 will be updated
---> Package selinux-policy-targeted.noarch 0:3.12.1-117.fc20 will be an update
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Updating:
selinux-policy-targeted noarch 3.12.1-117.fc20 updates 3.6 M
Transaction Summary
================================================================================
Upgrade 1 Package
Total size: 3.6 M
Is this ok [y/d/N]: y
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Updating : selinux-policy-targeted-3.12.1-117.fc20.noarch 1/2
Cleanup : selinux-policy-targeted-3.12.1-116.fc20.noarch 2/2
Verifying : selinux-policy-targeted-3.12.1-117.fc20.noarch 1/2
Verifying : selinux-policy-targeted-3.12.1-116.fc20.noarch 2/2
Updated:
selinux-policy-targeted.noarch 0:3.12.1-117.fc20
Complete!
More information about the devel
mailing list