From 01c3ed1a1d464a944b4dcdf55fdc2c19c4e76794 Mon Sep 17 00:00:00 2001 From: Pavol Sloboda Date: Wed, 23 Jul 2025 08:58:31 +0200 Subject: [PATCH] Updated the cil selinux rules for galera to install properly added the missing bracket and removed the illegal . from the name and replaced it with a _ This issue has been found after recieving a dnf error during installation of the mariadb-server-galera package: >>> Scriptlet output: >>> Close parenthesis without matching open at line 15 of /var/lib/selinux/targeted/tmp/modules/200/mariadb-server-galera/cil >>> libsemanage.semanage_load_files: Error while reading from file /var/lib/selinux/targeted/tmp/modules/200/mariadb-server-galera/cil. (No such file or directory). >>> semodule: Failed! and the subsequent call of `semodule -lfull | grep galera` prints nothing and returns 1 The expected output for the installation is to go through normally without the above mentioned error And the expected output for `semodule -lfull | grep galera` is: 200 mariadb-server-galera cil and the command returning 0 --- mariadb-server-galera.cil | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mariadb-server-galera.cil b/mariadb-server-galera.cil index 80cef1d..269a41b 100644 --- a/mariadb-server-galera.cil +++ b/mariadb-server-galera.cil @@ -1,4 +1,4 @@ -(optional mariadb-server-galera-1.0 +(optional mariadb-server-galera-1_0 (typeattributeset cil_gen_require mysqld_t) (typeattributeset cil_gen_require rsync_exec_t) (typeattributeset cil_gen_require anon_inodefs_t) @@ -7,7 +7,7 @@ ; allow mysqld to run rsyncd (allow mysqld_t self (process (setpgid))) (allow mysqld_t rsync_exec_t (file (read execute execute_no_trans getattr open))) - (allow mysqld_t anon_inodefs_t (file getattr))) + (allow mysqld_t anon_inodefs_t (file (getattr))) (allow mysqld_t proc_net_t (file (read open))) ; allow rsyncd to listen on port 4444