The SELinux upgrade today on my PC says “replacing SELinux” (but doesn’t on my other Workstation & Server installs), though I’m not sure if it’s related to my problem, but it prompted me to investigate.
When I first installed the system, I cleared all local SELinux boolean rules with sudo semanage boolean -D. After today’s upgrade, I checked the booleans with sudo semanage boolean -lC and found 2 local customizations: virt_sandbox_use_all_caps, virt_use_nfs.
I believe I saw them during initial install as well, which was the reason I cleared the local rules. However they are not added back in my other installs.
Which package added them? Could these be from Flatpak? The only difference between my PC and other devices is that I’m using Flatpak apps.
I cleared them again for now, but I’ll watch the upgrades and SELinux denials to see who needs them.
p.s. The extra point of worry. I’m not sure if it’s related to that. I’m using Firefox Flatpak.