When I was trying to remove firefox and firefox-langpacks in the base image, after running sudo rpm-ostree override remove firefox firefox-langpacks, I got the error message:
error: Running %post for fail2ban-selinux: bwrap(/bin/sh): Child process killed by signal 1; run `journalctl -t 'rpm-ostree(fail2ban-selinux.post)'` for more information
and journalctl -t 'rpm-ostree(fail2ban-selinux.post)' shows:
rpm-ostree(fail2ban-selinux.post)[97393]: /proc/self/fd/5: line 10: /usr/sbin/rm: No such file or directory
rpm-ostree(fail2ban-selinux.post)[97394]: libsemanage.semanage_direct_install_info: Overriding fail2ban module at lower priority 100 with module at priority 200.
Actually this is not the first time the error occured, there are multiple records in the journalctl log. It seems the error appears every time I run upgrade command.
I am not sure if my local changes are related here.
I once added local selinux rules: sudo semanage fcontext -a -t fail2ban_var_run_t '/run/fail2ban.*' because fail2ban failed to start when I rebased to fedora 40. After the rules were added in the upstream, I removed local rules by running sudo semanage fcontext -D. I am not sure if the leftover of selinux configs caused libsemanage error.
Maybe the rest of the error is an upstream bug. I think rm resides in /usr/bin instead of /usr/sbin.