Updating to bind-9.9.4-72.el7.x86_64 on SELinux disabled system generates errors

Solution Verified - Updated -

Issue

  • With the bind-9.9.4-72.el7.x86_64 package in Red Hat Enterprise Linux 7.6, the rpms scriptlets now contains SELinux code, whereas it had not before. This new code has introduced at least two problems.
  • The first is that if run on a system which does not have the selinux-policy-targeted package installed, the scriptlets will print errors and fail. The exact errors vary depending on some other circumstances. If SELinux is disabled, following will be displayed.
libsemanage.semanage_read_policydb: Could not open kernel policy /etc/selinux/targeted/active/policy.kern for reading. (No such file or directory).
OSError: No such file or directory
libsemanage.semanage_read_policydb: Could not open kernel policy /etc/selinux/targeted/active/policy.kern for reading. (No such file or directory).
OSError: No such file or directory
ValueError: SELinux policy is not managed or store cannot be accessed.
warning: %posttrans(bind-32:9.9.4-72.el7.x86_64) scriptlet failed, exit status 1
  • If SELinux was enabled on the machine itself but the rpm was being installed in a chroot which did not have selinux-policy-targeted installed, following will be displayed:
Traceback (most recent call last):
  File "/sbin/semanage", line 32, in <module>
    import seobject
  File "/usr/lib64/python2.7/site-packages/seobject/__init__.py", line 36, in <module>
    import sepolicy
  File "/usr/lib64/python2.7/site-packages/sepolicy/__init__.py", line 930, in <module>
    raise e
ValueError: No SELinux Policy installed
Traceback (most recent call last):
  File "/sbin/semanage", line 32, in <module>
    import seobject
  File "/usr/lib64/python2.7/site-packages/seobject/__init__.py", line 36, in <module>
    import sepolicy
  File "/usr/lib64/python2.7/site-packages/sepolicy/__init__.py", line 930, in <module>
    raise e
ValueError: No SELinux Policy installed
Traceback (most recent call last):
  File "/usr/sbin/semanage", line 32, in <module>
    import seobject
  File "/usr/lib64/python2.7/site-packages/seobject/__init__.py", line 36, in <module>
    import sepolicy
  File "/usr/lib64/python2.7/site-packages/sepolicy/__init__.py", line 930, in <module>
    raise e
ValueError: No SELinux Policy installed
warning: %posttrans(bind-32:9.9.4-72.el7.x86_64) scriptlet failed, exit status 1
  • Looking at the posttrans scriptlet in the rpm, one can see this comment:
# selinux-policy-targeted is required for following macro to work.
# This package should not depend on it explicitly, but anaconda ensures
# it is installed.

Environment

  • Red Hat Enterprise Linux 7
  • bind-9.9.4-72.el7.x86_64

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In