Selinux and Java errors in the fresh install during first "sudo dnf upgrade"

eve7 · September 17, 2022, 5:12am

I was trying to fresh install F36. During the installation process I usually leave the room and just restart the computer. However, this time I choosed to stay and saw these things during the installation.

Upgrading        : selinux-policy-36.14-1.fc36.noarch                479/1542 
  Running scriptlet: selinux-policy-36.14-1.fc36.noarch                479/1542 
  Running scriptlet: selinux-policy-targeted-36.14-1.fc36.noarch       480/1542 
  Upgrading        : selinux-policy-targeted-36.14-1.fc36.noarch       480/1542 
  Running scriptlet: selinux-policy-targeted-36.14-1.fc36.noarch       480/1542 
uavc:  op=load_policy lsm=selinux seqno=2 res=1Regex version mismatch, expected: 10.39 2021-10-29 actual: 10.40 2022-04-14
Regex version mismatch, expected: 10.39 2021-10-29 actual: 10.40 2022-04-14
  Running scriptlet: container-selinux-2:2.188.0-1.fc36.noarch         481/1542 
  Upgrading        : container-selinux-2:2.188.0-1.fc36.noarch         481/1542 
  Running scriptlet: container-selinux-2:2.188.0-1.fc36.noarch         481/1542 
uavc:  op=load_policy lsm=selinux seqno=3 res=1Regex version mismatch, expected: 10.39 2021-10-29 actual: 10.40 2022-04-14
Regex version mismatch, expected: 10.39 2021-10-29 actual: 10.40 2022-04-14
  Upgrading        : containers-common-4:1-59.fc36.noarch              482/1542 
  Upgrading        : flatpak-selinux-1.12.7-5.fc36.noarch              483/1542 
  Running scriptlet: flatpak-selinux-1.12.7-5.fc36.noarch              483/1542 
uavc:  op=load_policy lsm=selinux seqno=4 res=1Regex version mismatch, expected: 10.39 2021-10-29 actual: 10.40 2022-04-14
Regex version mismatch, expected: 10.39 2021-10-29 actual: 10.40 2022-04-14
  Running scriptlet: flatpak-1.12.7-5.fc36.x86_64                      484/1542 
  Upgrading        : flatpak-1.12.7-5.fc36.x86_64                      484/1542 
  Running scriptlet: flatpak-1.12.7-5.fc36.x86_64                      484/1542 
  Upgrading        : xdg-desktop-portal-1.12.6-1.fc36.x86_64           485/1542 
  Running scriptlet: xdg-desktop-portal-1.12.6-1.fc36.x86_64           485/1542 
  Upgrading        : swtpm-0.7.3-1.20220427gitf2268ee.fc36.x86_64      486/1542 
  Running scriptlet: swtpm-0.7.3-1.20220427gitf2268ee.fc36.x86_64      486/1542 
uavc:  op=load_policy lsm=selinux seqno=6 res=1Regex version mismatch, expected: 10.39 2021-10-29 actual: 10.40 2022-04-14
Regex version mismatch, expected: 10.39 2021-10-29 actual: 10.40 2022-04-14

and this

Upgrading        : java-17-openjdk-headless-1:17.0.4.1.1-1.fc36.x    512/1542 
warning: /etc/java/java-17-openjdk/java-17-openjdk-17.0.4.1.1-1.fc36.x86_64/conf/security/java.security created as /etc/java/java-17-openjdk/java-17-openjdk-17.0.4.1.1-1.fc36.x86_64/conf/security/java.security.rpmnew
warning: /etc/java/java-17-openjdk/java-17-openjdk-17.0.4.1.1-1.fc36.x86_64/conf/security/nss.fips.cfg created as /etc/java/java-17-openjdk/java-17-openjdk-17.0.4.1.1-1.fc36.x86_64/conf/security/nss.fips.cfg.rpmnew
warning: /etc/java/java-17-openjdk/java-17-openjdk-17.0.4.1.1-1.fc36.x86_64/lib/security/default.policy created as /etc/java/java-17-openjdk/java-17-openjdk-17.0.4.1.1-1.fc36.x86_64/lib/security/default.policy.rpmnew
warning: /etc/java/java-17-openjdk/java-17-openjdk-17.0.4.1.1-1.fc36.x86_64/lib/security/public_suffix_list.dat created as /etc/java/java-17-openjdk/java-17-openjdk-17.0.4.1.1-1.fc36.x86_64/lib/security/public_suffix_list.dat.rpmnew

  Running scriptlet: java-17-openjdk-headless-1:17.0.4.1.1-1.fc36.x    512/1542

It also seems that these packages verified such as

Verifying        : sane-backends-libs-1.1.1-3.fc36.x86_64           1356/1542 
  Verifying        : selinux-policy-36.14-1.fc36.noarch               1357/1542 
  Verifying        : selinux-policy-36.7-1.fc36.noarch                1358/1542 
  Verifying        : selinux-policy-targeted-36.14-1.fc36.noarch      1359/1542 
  Verifying        : selinux-policy-targeted-36.7-1.fc36.noarch       1360/1542 
  Verifying        : setup-2.14.1-1.fc36.noarch                       1361/1542

Verifying        : iwlax2xx-firmware-20220310-130.fc36.noarch        648/1542 
  Verifying        : java-17-openjdk-headless-1:17.0.4.1.1-1.fc36.x    649/1542 
  Verifying        : java-17-openjdk-headless-1:17.0.2.0.8-7.fc36.x    650/1542 
  Verifying        : kernel-headers-5.19.4-200.fc36.x86_64             651/1542 
  Verifying        : kernel-headers-5.17.0-300.fc36.x86_64             652/1542

and my update finishes without ant problem. Note that I am doing a fresh install and this is my first sudo dnf upgrade command.

I have seen this bug report but it seems no progress has been made

https://bugzilla.redhat.com/show_bug.cgi?id=2050774

Should I be worried or is there a solution to this problem.

From my research I have also find out these things

https://bodhi.fedoraproject.org/updates/FEDORA-2022-41fa7610dd

and this.

https://bugzilla.redhat.com/show_bug.cgi?id=2013642

In the last site, it says I should do semodule -B but I am not sure this bug and mine are the same.