Recent SELinux policy update breaks SELinux with docker-selinux < 1.10.3-57. The current version in extras repository seems to be 1.10.3-46.
This breaks a lot of things, including any attempt to change the policy using semanage for anyone who has ever had docker-selinux installed on their system.
Scientific Linux guys seem to be on the ball with this one, but CentOS ARM hasn't had docker-selinux updated yet even though the update has been upstream since late November.
Gordan
I figured this out - it turns out the problem was that following a recent update, both docker-selinux and container-selinux were present. container-selinux is what the docker 1.12 update uses, but docker 1.10 used docker-selinux. So the problem was that container-selinux doesn't contain: "Deprecates: docker-selinux". This should probably be fixed before somebody else ends up wasting their time troubleshooting the issue.
On Thu, Mar 9, 2017 at 12:53 PM, Gordan Bobic gordan@redsleeve.org wrote:
Recent SELinux policy update breaks SELinux with docker-selinux < 1.10.3-57. The current version in extras repository seems to be 1.10.3-46.
This breaks a lot of things, including any attempt to change the policy using semanage for anyone who has ever had docker-selinux installed on their system.
Scientific Linux guys seem to be on the ball with this one, but CentOS ARM hasn't had docker-selinux updated yet even though the update has been upstream since late November.
Gordan
-
Gordan Bobic