SSH port permissions lead to OSError and "type rabbitmq_conf_t is not defined" #201

Closed
expectocode opened this issue Feb 3, 2020 · 4 comments

expectocode commented Feb 3, 2020

I run SSH on a non-standard port (to reduce spam) on Fedora 31 on my personal machine. Recently I saw a message that sshd had failed to start, due to not being able to bind its port. Here are the messages from journalctl -xe:

Feb 03 09:22:49 f python3[190223]: SELinux is preventing sshd from name_bind access on the tcp_socket port [my non-standard SSH port].

                                   *****  Plugin bind_ports (92.2 confidence) suggests   ************************

                                   If you want to allow sshd to bind to network port [my non-standard SSH port]
                                   Then you need to modify the port type.
                                   Do
                                   # semanage port -a -t PORT_TYPE -p tcp [my non-standard SSH port]
                                       where PORT_TYPE is one of the following: ssh_port_t, vnc_port_t, xserver_port_t.

                                   *****  Plugin catchall_boolean (7.83 confidence) suggests   ******************

                                   If you want to allow nis to enabled
                                   Then you must tell SELinux about this by enabling the 'nis_enabled' boolean.

                                   Do
                                   setsebool -P nis_enabled 1

                                   *****  Plugin catchall (1.41 confidence) suggests   **************************

                                   If you believe that sshd should be allowed name_bind access on the port [my non-standard SSH port] tcp_socket by default.
                                   Then you should report this as a bug.
                                   You can generate a local policy module to allow this access.
                                   Do
                                   allow this access for now by executing:
                                   # ausearch -c 'sshd' --raw | audit2allow -M my-sshd
                                   # semodule -X 300 -i my-sshd.pp

I then ran the command sudo semanage port -a -t ssh_port_t -p tcp [my non-standard SSH port], which resulted in this output:

libsepol.context_from_record: could not create context structure
libsepol.context_from_string: could not create context structure
libsepol.sepol_context_to_sid: could not convert system_u:object_r:rabbitmq_conf_t:s0 to sid
invalid context system_u:object_r:rabbitmq_conf_t:s0
libsemanage.semanage_validate_and_compile_fcontexts: setfiles returned error code 255.
OSError: [Errno 0] Error

Obviously this isn't what I expected to see - any ideas how I can solve my problem? Thanks.

Package information:

Name         : libselinux
Version      : 2.9
Release      : 5.fc31
Name         : libsepol
Version      : 2.9
Release      : 2.fc31
Name         : libsemanage
Version      : 2.9
Release      : 3.fc31
Name         : checkpolicy
Version      : 2.9
Release      : 2.fc31
@bachradsusi
Member

It looks like a bug in the container-selinux package. I've opened a bug - https://bugzilla.redhat.com/show_bug.cgi?id=1797554

@bachradsusi
Member

Try to update the whole system. I'm not able to reproduce after dnf update with container-selinux-2.124.0-3.fc31.noarch and selinux-policy-3.14.4-45.fc31.noarch.

@expectocode
Author

Did a dnf update, problem remains. I don't have container-selinux installed, but I have selinux-policy:

Version      : 3.14.4
Release      : 45.fc31
Architecture : noarch

@expectocode
Author

Installing container-selinux seemed to fix the problem. However, during installation I got some error messages as well:

Dependencies resolved.
=======================================================================
 Package              Arch      Version               Repository  Size
=======================================================================
Installing:
 container-selinux    noarch    2:2.124.0-3.fc31      updates     48 k

Transaction Summary
=======================================================================
Install  1 Package

Total download size: 48 k
Installed size: 44 k
Is this ok [y/N]: y
Downloading Packages:
container-selinux-2.124.0-3.fc31.noarc 412 kB/s |  48 kB     00:00
-----------------------------------------------------------------------
Total                                   78 kB/s |  48 kB     00:00
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                               1/1
  Running scriptlet: container-selinux-2:2.124.0-3.fc31.noarch     1/1
  Installing       : container-selinux-2:2.124.0-3.fc31.noarch     1/1
  Running scriptlet: container-selinux-2:2.124.0-3.fc31.noarch     1/1

libsepol.context_from_record: type stratisd_data_t is not defined
libsepol.context_from_record: could not create context structure
libsepol.context_from_string: could not create context structure
libsepol.sepol_context_to_sid: could not convert system_u:object_r:stratisd_data_t:s0 to sid
invalid context system_u:object_r:stratisd_data_t:s0

  Verifying        : container-selinux-2:2.124.0-3.fc31.noarch     1/1

Installed:
  container-selinux-2:2.124.0-3.fc31.noarch

Complete!
sudo dnf install container-selinux  25.19s user 3.24s system 93% cpu 30.305 total
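
An added example, not part of the thread or of the SELinux project's code: a shell filter that pulls the undefined type names out of libsepol messages like the two outputs quoted above, showing which types the file-context compile could not resolve. The function names are hypothetical, the sample input is the libsepol/libsemanage lines from this thread, and the printed `seinfo` and `semanage fcontext -l` lookups are suggested read-only follow-ups that assume `seinfo` from setools is installed.

```sh
#!/bin/sh
# Sample input: the libsepol/libsemanage lines from the two outputs in this thread.
sample_errors() {
cat <<'EOF'
libsepol.context_from_record: could not create context structure
libsepol.context_from_string: could not create context structure
libsepol.sepol_context_to_sid: could not convert system_u:object_r:rabbitmq_conf_t:s0 to sid
invalid context system_u:object_r:rabbitmq_conf_t:s0
libsemanage.semanage_validate_and_compile_fcontexts: setfiles returned error code 255.
OSError: [Errno 0] Error
libsepol.context_from_record: type stratisd_data_t is not defined
libsepol.context_from_record: could not create context structure
libsepol.sepol_context_to_sid: could not convert system_u:object_r:stratisd_data_t:s0 to sid
invalid context system_u:object_r:stratisd_data_t:s0
EOF
}

# Read libsepol output on stdin, print each distinct type it could not resolve.
undefined_types() {
    awk '
        # "invalid context user:role:type:range"
        $1 == "invalid" && $2 == "context" { emit($3) }
        # "libsepol.sepol_context_to_sid: could not convert <context> to sid"
        $2 == "could" && $4 == "convert" { emit($5) }
        # "libsepol.context_from_record: type <type> is not defined"
        $2 == "type" && $4 == "is" && $6 == "defined" { print $3 }
        function emit(ctx,   f) {
            # The range may contain ":" (s0:c0.c1023); only field 3 is the type.
            if (split(ctx, f, ":") >= 4) print f[3]
        }
    ' | sort -u
}

# For each type, print (not run) the lookups that show whether the loaded
# policy defines it and which file-context entries reference it.
next_steps() {
    undefined_types | while read -r t; do
        printf '%s: seinfo -t %s ; semanage fcontext -l | grep -w %s\n' "$t" "$t" "$t"
    done
}

sample_errors | next_steps
```

To use it on a live system, pipe the stderr of the failing command into `next_steps` instead of `sample_errors`.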
