Bug 744736 - Installing SELinux policies fails with SELinux error
Summary: Installing SELinux policies fails with SELinux error
Status: UNCONFIRMED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: SELinux
Hardware: All Linux
Importance: Normal critical
Assignee: SE Linux Bugs
Reported: 2020-09-26 04:53 UTC by dan
Modified: 2020-09-26 04:53 UTC

Description dan 2020-09-26 04:53:23 UTC
I'm setting up a new system, and even though I have selinux enabled, a few selinux policies got missed when I was installing the packages they are for. So I tried to emerge them myself, and it fails EVERY TIME with the same error. Here's an example of the output of the emerge:

# emerge --ask n -DN selinux-mailman
Calculating dependencies  .... done!

>>> Verifying ebuild manifests

>>> Emerging (1 of 1) sec-policy/selinux-mailman-2.20190201-r1::gentoo
 * refpolicy-2.20190201.tar.bz2 BLAKE2B SHA512 size ;-) ...              [ ok ]
 * patchbundle-selinux-base-policy-2.20190201-r1.tar.bz2 BLAKE2B SHA512 size ;-) ...           [ ok ]
>>> cfg-update-1.8.2-r1: Creating checksum index...
>>> Unpacking source...
>>> Unpacking refpolicy-2.20190201.tar.bz2 to /var/tmp/portage/sec-policy/selinux-mailman-2.20190201-r1/work
>>> Unpacking patchbundle-selinux-base-policy-2.20190201-r1.tar.bz2 to /var/tmp/portage/sec-policy/selinux-mailman-2.20190201-r1/work
>>> Source unpacked in /var/tmp/portage/sec-policy/selinux-mailman-2.20190201-r1/work
>>> Preparing source in /var/tmp/portage/sec-policy/selinux-mailman-2.20190201-r1/work ...
 * Applying SELinux policy updates ... 
 * Applying 0001-full-patch-against-stable-release.patch ...
 [ ok ]
>>> Source prepared.
>>> Configuring source in /var/tmp/portage/sec-policy/selinux-mailman-2.20190201-r1/work ...
>>> Source configured.
>>> Compiling source in /var/tmp/portage/sec-policy/selinux-mailman-2.20190201-r1/work ...
make -j4 NAME=strict SHAREDIR=/usr/share/selinux -C /var/tmp/portage/sec-policy/selinux-mailman-2.20190201-r1/work//strict 
make: Entering directory '/var/tmp/portage/sec-policy/selinux-mailman-2.20190201-r1/work/strict'
Compiling strict mailman module
Creating strict mailman.pp policy package
rm tmp/mailman.mod.fc tmp/mailman.mod
make: Leaving directory '/var/tmp/portage/sec-policy/selinux-mailman-2.20190201-r1/work/strict'
make -j4 NAME=targeted SHAREDIR=/usr/share/selinux -C /var/tmp/portage/sec-policy/selinux-mailman-2.20190201-r1/work//targeted 
make: Entering directory '/var/tmp/portage/sec-policy/selinux-mailman-2.20190201-r1/work/targeted'
Compiling targeted mailman module
Creating targeted mailman.pp policy package
rm tmp/mailman.mod.fc tmp/mailman.mod
make: Leaving directory '/var/tmp/portage/sec-policy/selinux-mailman-2.20190201-r1/work/targeted'
>>> Source compiled.
>>> Test phase [not enabled]: sec-policy/selinux-mailman-2.20190201-r1

>>> Install sec-policy/selinux-mailman-2.20190201-r1 into /var/tmp/portage/sec-policy/selinux-mailman-2.20190201-r1/image/
 * Installing strict mailman policy package
 * Installing targeted mailman policy package
>>> Completed installing sec-policy/selinux-mailman-2.20190201-r1 into /var/tmp/portage/sec-policy/selinux-mailman-2.20190201-r1/image/

 * Final size of build directory: 43412 KiB (42.3 MiB)
 * Final size of installed tree:    440 KiB


>>> Installing (1 of 1) sec-policy/selinux-mailman-2.20190201-r1::gentoo
!!! Unable to set SELinux security labels
 * Inserting the following modules into the strict module store: mailman
Failed to resolve roletype statement at /var/lib/selinux/strict/tmp/modules/400/mailman/cil:6
semodule:  Failed!
 * SELinux module load failed. Trying full reload...
Failed to resolve typeattributeset statement at /var/lib/selinux/strict/tmp/modules/400/apache/cil:227
semodule:  Failed!
 * Failed to reload SELinux policies.
 * 
 * If this is *not* the last SELinux module package being installed,
 * then you can safely ignore this as the reloads will be retried
 * with other, recent modules.
 * 
 * If it is the last SELinux module package being installed however,
 * then it is advised to look at the error above and take appropriate
 * action since the new SELinux policies are not loaded until the
 * command finished succesfully.
 * 
 * To reload, run the following command from within /usr/share/selinux/strict:
 *   semodule -i base.pp -i $(ls *.pp | grep -v base.pp)
 * or
 *   semodule -i base.pp -i $(ls *.pp | grep -v base.pp | grep -v unconfined.pp)
 * depending on if you need the unconfined domain loaded as well or not.
 * Inserting the following modules into the targeted module store: mailman
Failed to resolve roletype statement at /var/lib/selinux/targeted/tmp/modules/400/mailman/cil:6
semodule:  Failed!
 * SELinux module load failed. Trying full reload...
Failed to resolve typeattributeset statement at /var/lib/selinux/targeted/tmp/modules/400/apache/cil:227
semodule:  Failed!
 * Failed to reload SELinux policies.
 * 
 * If this is *not* the last SELinux module package being installed,
 * then you can safely ignore this as the reloads will be retried
 * with other, recent modules.
 * 
 * If it is the last SELinux module package being installed however,
 * then it is advised to look at the error above and take appropriate
 * action since the new SELinux policies are not loaded until the
 * command finished succesfully.
 * 
 * To reload, run the following command from within /usr/share/selinux/targeted:
 *   semodule -i base.pp -i $(ls *.pp | grep -v base.pp)
 * or
 *   semodule -i base.pp -i $(ls *.pp | grep -v base.pp | grep -v unconfined.pp)
 * depending on if you need the unconfined domain loaded as well or not.

>>> Recording sec-policy/selinux-mailman in "world" favorites file...
>>> Auto-cleaning packages...

>>> No outdated packages were found on your system.

 * GNU info directory index is up-to-date.

Running the listed commands gives the same error, but for apache/cil vs mailman/cil.
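
A triage helper for the log above, added here as an example (it is not part of the report or of Gentoo's tooling): it reduces the semodule output to one line per distinct CIL resolution failure, so it is visible that the full reload stops in the apache module in both stores rather than only in the package being installed. The function names are hypothetical, and the `<store>/tmp/modules/<priority>/<module>/cil:<line>` path layout is assumed from the error lines in the report.

```shell
#!/bin/sh
# Added example: summarise semodule CIL resolution failures in emerge output.

# Error lines copied from the report above (the repeated advice text is omitted).
sample_log() {
    cat <<'EOF'
 * Inserting the following modules into the strict module store: mailman
Failed to resolve roletype statement at /var/lib/selinux/strict/tmp/modules/400/mailman/cil:6
semodule:  Failed!
 * SELinux module load failed. Trying full reload...
Failed to resolve typeattributeset statement at /var/lib/selinux/strict/tmp/modules/400/apache/cil:227
semodule:  Failed!
 * Inserting the following modules into the targeted module store: mailman
Failed to resolve roletype statement at /var/lib/selinux/targeted/tmp/modules/400/mailman/cil:6
semodule:  Failed!
 * SELinux module load failed. Trying full reload...
Failed to resolve typeattributeset statement at /var/lib/selinux/targeted/tmp/modules/400/apache/cil:227
semodule:  Failed!
EOF
}

# stdin:  emerge/semodule output
# stdout: "<store> <priority> <module> <statement> <cil-line>", one per distinct failure
failed_cil_statements() {
    awk '
    /^Failed to resolve [^ ]+ statement at / {
        n = split($NF, p, "/")      # p[n] is "cil:<line>", p[n-1] the module name
        split(p[n], c, ":")
        key = p[n-5] " " p[n-2] " " p[n-1] " " $4 " " c[2]
        if (!(key in seen)) { seen[key] = 1; print key }
    }'
}

# List failing modules other than the one being installed ($1), each once.
other_failing_modules() {
    failed_cil_statements | awk -v m="$1" '$3 != m && !seen[$3]++ { print $3 }'
}

sample_log | failed_cil_statements
```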