Created attachment 888771 [details] build.log podman's Makefile makes an unfortunate assumption about the loaded SELinux policy and tries to relabel the podman binary with a type that doesn't exist in Gentoo's policy (container_runtime_exec_t vs. podman_exec_t). It seems setting SELINUXOPT to an empty value successfully tricks the build system to skip its SELinux relabeling step, then Portage will take care of it like normal.
*** Bug 927708 has been marked as a duplicate of this bug. ***
Since my (reported-first) bug was closed as a dup of this newer one, I'll re-add that this needs to be solved by packaging container-selinux[1] for Gentoo: [1] https://github.com/containers/container-selinux/
(In reply to Ed Santiago from comment #2) > Since my (reported-first) bug was closed as a dup of this newer one, I'll > re-add that this needs to be solved by packaging container-selinux[1] for > Gentoo: > > [1] https://github.com/containers/container-selinux/ I closed your bug because the purported fix is incorrect. container-selinux is not compatible with Gentoo's SELinux policy. For podman specifically, we have sec-policy/selinux-podman which contains the correct type podman_exec_t. You can workaround this for now by setting SELINUXOPT to an empty value when building podman, e.g.: SELINUXOPT= emerge podman
