Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[v1.25.6+k3s1] k3s-selinux package has transaction failure on CentOS 9 Stream #6870

Closed
mhjacks opened this issue Feb 1, 2023 · 4 comments
Closed

[v1.25.6+k3s1] k3s-selinux package has transaction failure on CentOS 9 Stream #6870

mhjacks opened this issue Feb 1, 2023 · 4 comments

Comments

@mhjacks
Copy link

mhjacks commented Feb 1, 2023

Environmental Info:
K3s Version:

version v1.25.6+k3s1 (9176e03)
go version go1.19.5

Node(s) CPU architecture, OS, and Version:

Linux srv-c9s-t1.imladris.lan 5.14.0-247.el9.x86_64 #1 SMP PREEMPT_DYNAMIC Fri Jan 27 19:22:07 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux

Cluster Configuration:

Single node
Describe the bug:

Steps To Reproduce:

  • Installed K3s:

During the installation, the k3s-selinux RPM was installed but suffered an rpm transaction failure while installing, like so:

Running transaction
  Preparing        :                                                                            1/1 
  Running scriptlet: k3s-selinux-1.2-2.el8.noarch                                               1/1 
  Installing       : k3s-selinux-1.2-2.el8.noarch                                               1/1 
  Running scriptlet: k3s-selinux-1.2-2.el8.noarch                                               1/1 
Conflicting name type transition rules
Binary policy creation failed at /var/lib/selinux/targeted/tmp/modules/200/k3s/cil:135
Failed to generate binary
/usr/sbin/semodule:  Failed!

  Verifying        : k3s-selinux-1.2-2.el8.noarch                                               1/1 
Installed products updated.

Installed:
  k3s-selinux-1.2-2.el8.noarch

This causes problems with the selinux policy down the line, as subsequent policy additions and changes will also fail to compile.

Expected behavior:

Clean installation of the selinux policy add-on RPM

Actual behavior:

Additional context / logs:
@brandond
Copy link
Contributor

brandond commented Feb 1, 2023

Possibly a duplicate of k3s-io/k3s-selinux#36 - what version of container-selinux do you have installed?

@mhjacks
Copy link
Author

mhjacks commented Feb 1, 2023

container-selinux-2.198.0-1.el9.noarch. Even though I'm on CentOS 9 stream the container-selinux versions are pretty close if not identical in Fedora 37 right now; I'm inclined to think this is the same issue.

@brandond
Copy link
Contributor

brandond commented Feb 1, 2023

yep, sounds like it then.

@mhjacks
Copy link
Author

mhjacks commented Feb 1, 2023

Closing as duplicate to k3s-io/k3s-selinux#36

@mhjacks mhjacks closed this as not planned Won't fix, can't repro, duplicate, stale Feb 1, 2023
@brandond brandond mentioned this issue Apr 21, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@brandond @mhjacks