I'm setting up a new system, and even though I have selinux enabled, a few selinux policies got missed when I was installing the packages they are for. So I tried to emerge them myself, and it fails EVERY TIME with the same error. Here's an example of the output of the emerge: # emerge --ask n -DN selinux-mailman Calculating dependencies .... done! >>> Verifying ebuild manifests >>> Emerging (1 of 1) sec-policy/selinux-mailman-2.20190201-r1::gentoo * refpolicy-2.20190201.tar.bz2 BLAKE2B SHA512 size ;-) ... [ ok ] * patchbundle-selinux-base-policy-2.20190201-r1.tar.bz2 BLAKE2B SHA512 size ;-) ... [ ok ] >>> [1m[37mcfg-update-1.8.2-r1[0m[0m: Creating checksum index... >>> Unpacking source... >>> Unpacking refpolicy-2.20190201.tar.bz2 to /var/tmp/portage/sec-policy/selinux-mailman-2.20190201-r1/work >>> Unpacking patchbundle-selinux-base-policy-2.20190201-r1.tar.bz2 to /var/tmp/portage/sec-policy/selinux-mailman-2.20190201-r1/work >>> Source unpacked in /var/tmp/portage/sec-policy/selinux-mailman-2.20190201-r1/work >>> Preparing source in /var/tmp/portage/sec-policy/selinux-mailman-2.20190201-r1/work ... * Applying SELinux policy updates ... * Applying 0001-full-patch-against-stable-release.patch ... [ ok ] >>> Source prepared. >>> Configuring source in /var/tmp/portage/sec-policy/selinux-mailman-2.20190201-r1/work ... >>> Source configured. >>> Compiling source in /var/tmp/portage/sec-policy/selinux-mailman-2.20190201-r1/work ... make -j4 NAME=strict SHAREDIR=/usr/share/selinux -C /var/tmp/portage/sec-policy/selinux-mailman-2.20190201-r1/work//strict make: Entering directory '/var/tmp/portage/sec-policy/selinux-mailman-2.20190201-r1/work/strict' Compiling strict mailman module Creating strict mailman.pp policy package rm tmp/mailman.mod.fc tmp/mailman.mod make: Leaving directory '/var/tmp/portage/sec-policy/selinux-mailman-2.20190201-r1/work/strict' make -j4 NAME=targeted SHAREDIR=/usr/share/selinux -C /var/tmp/portage/sec-policy/selinux-mailman-2.20190201-r1/work//targeted make: Entering directory '/var/tmp/portage/sec-policy/selinux-mailman-2.20190201-r1/work/targeted' Compiling targeted mailman module Creating targeted mailman.pp policy package rm tmp/mailman.mod.fc tmp/mailman.mod make: Leaving directory '/var/tmp/portage/sec-policy/selinux-mailman-2.20190201-r1/work/targeted' >>> Source compiled. >>> Test phase [not enabled]: sec-policy/selinux-mailman-2.20190201-r1 >>> Install sec-policy/selinux-mailman-2.20190201-r1 into /var/tmp/portage/sec-policy/selinux-mailman-2.20190201-r1/image/ * Installing strict mailman policy package * Installing targeted mailman policy package >>> Completed installing sec-policy/selinux-mailman-2.20190201-r1 into /var/tmp/portage/sec-policy/selinux-mailman-2.20190201-r1/image/ * Final size of build directory: 43412 KiB (42.3 MiB) * Final size of installed tree: 440 KiB >>> Installing (1 of 1) sec-policy/selinux-mailman-2.20190201-r1::gentoo !!! Unable to set SELinux security labels * Inserting the following modules into the strict module store: mailman Failed to resolve roletype statement at /var/lib/selinux/strict/tmp/modules/400/mailman/cil:6 semodule: Failed! * SELinux module load failed. Trying full reload... Failed to resolve typeattributeset statement at /var/lib/selinux/strict/tmp/modules/400/apache/cil:227 semodule: Failed! * Failed to reload SELinux policies. * * If this is *not* the last SELinux module package being installed, * then you can safely ignore this as the reloads will be retried * with other, recent modules. * * If it is the last SELinux module package being installed however, * then it is advised to look at the error above and take appropriate * action since the new SELinux policies are not loaded until the * command finished succesfully. * * To reload, run the following command from within /usr/share/selinux/strict: * semodule -i base.pp -i $(ls *.pp | grep -v base.pp) * or * semodule -i base.pp -i $(ls *.pp | grep -v base.pp | grep -v unconfined.pp) * depending on if you need the unconfined domain loaded as well or not. * Inserting the following modules into the targeted module store: mailman Failed to resolve roletype statement at /var/lib/selinux/targeted/tmp/modules/400/mailman/cil:6 semodule: Failed! * SELinux module load failed. Trying full reload... Failed to resolve typeattributeset statement at /var/lib/selinux/targeted/tmp/modules/400/apache/cil:227 semodule: Failed! * Failed to reload SELinux policies. * * If this is *not* the last SELinux module package being installed, * then you can safely ignore this as the reloads will be retried * with other, recent modules. * * If it is the last SELinux module package being installed however, * then it is advised to look at the error above and take appropriate * action since the new SELinux policies are not loaded until the * command finished succesfully. * * To reload, run the following command from within /usr/share/selinux/targeted: * semodule -i base.pp -i $(ls *.pp | grep -v base.pp) * or * semodule -i base.pp -i $(ls *.pp | grep -v base.pp | grep -v unconfined.pp) * depending on if you need the unconfined domain loaded as well or not. >>> Recording sec-policy/selinux-mailman in "world" favorites file... >>> Auto-cleaning packages... >>> No outdated packages were found on your system. * GNU info directory index is up-to-date. Running the listed commands gives the same error, but for apache/cli vs mailman/cli.