I am beginner with selinux, still in permissive mode. After system update I see the next exceptions in dmesg:

[554417.234763] audit: type=1400 audit(1612379151.820:3902): avc:  denied  { map } for  pid=27484 comm="exim" path="/etc/ld.so.cache" dev="mmcblk0p2" ino=542639 scontext=system_u:system_r:exim_t tcontext=root:object_r:etc_t tclass=file permissive=1
[554439.302701] audit: type=1400 audit(1612379173.886:3913): avc:  denied  { map } for  pid=27489 comm="sshd" path="/etc/ld.so.cache" dev="mmcblk0p2" ino=542639 scontext=system_u:system_r:sshd_t tcontext=root:object_r:etc_t tclass=file permissive=1

Found out the env-update breaks the labels on /etc/ld.so.cache


Reproducible: Always

Steps to Reproduce:
# ls -lZ /etc/ld.so.cache
-rw-r--r--. 1 root root root:object_r:etc_t 39699  3. Feb 20:22 /etc/ld.so.cache
# restorecon /etc/ld.so.cache
# ls -lZ /etc/ld.so.cache
-rw-r--r--. 1 root root root:object_r:ld_so_cache_t 39699  3. Feb 20:22 /etc/ld.so.cache
# env-update 
>>> Regenerating /etc/ld.so.cache...
# ls -lZ /etc/ld.so.cache
-rw-r--r--. 1 root root root:object_r:etc_t 39699  3. Feb 20:23 /etc/ld.so.cache

Actual Results:  
As you see the label ld_so_cache_t gets lost and replaced by etc_t

Expected Results:  
env-update should keep or restore the ld_so_cache_t label