I recently started working on a policy migration to a new system. The following errors are cryptic, and it took some digging to figure out what was going on. I saw others online had the same errors, but the general fix seemed to be "load the new policy", and they didn't really go into detail on how the policies were fixed.
Compiling targeted netmgr module
Creating targeted netmgr.pp policy package
Loading targeted modules: netmgr
Failed to resolve filecon statement at /var/lib/selinux/targeted/tmp/modules/400/netmgr/cil:50
/usr/sbin/semodule: Failed!
make: *** [/usr/share/selinux/devel/include/Makefile:145: reload] Error 1
Cause: the fc file contains a type that it can't resolve. So using:
system_u:object_r:netmgr_conf_t
instead of
system_u:object_r:netmgr_conf_t:s0
or using a type that is not defined yet, such as
system_u:object_r:notdefined_yet_t:s0
will cause this error.
Compiling targeted netmgr module
Creating targeted netmgr.pp policy package
Loading targeted modules: netmgr
Problems processing filecon rules
Failed post db handling
/usr/sbin/semodule: Failed!
make: *** [/usr/share/selinux/devel/include/Makefile:145: reload] Error 1
Cause: the fc file contains an entry that duplicates another entry elsewhere. E.g.:
/bin/myscript\.sh -- system_u:object_r:policy_script_t:s0
and another entry elsewhere:
/bin/myscript\.sh -- system_u:object_r:otherpolicy_t:s0
The semanage fcontext command can be useful for finding these conflicts:
semanage fcontext -l | grep /bin/myscript
Compiling targeted netmgr module
Creating targeted netmgr.pp policy package
Loading targeted modules: netmgr
Failed to resolve typeattributeset statement at /var/lib/selinux/targeted/tmp/modules/400/netmgr/cil:14
/usr/sbin/semodule: Failed!
make: *** [/usr/share/selinux/devel/include/Makefile:145: reload] Error 1
Cause: require { type } includes a type that doesn't exist or isn't loaded yet.
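As an added example (not code from the original post), the Python below checks fc files before `make reload` for the first two causes above: a context with no level, a type that is not declared, and the same path and file type labeled twice. The function names, the sample paths /etc/netmgr and /var/run/netmgr\.pid, and taking the known types from `type` statements in a .te file are assumptions; contexts wrapped in gen_context() are not handled.

```python
import re
from collections import defaultdict

FILE_TYPES = {"--", "-d", "-c", "-b", "-s", "-l", "-p"}  # optional 2nd field

def declared_types(te_text):
    """Names from 'type foo_t;' / 'type foo_t, attr;' statements in a .te file.
    Assumption: in practice, add the types already loaded on the system."""
    return set(re.findall(r"^\s*type\s+(\w+)\s*[,;]", te_text, re.M))

def lint_fc(fc_files, known_types):
    """fc_files: {filename: text}. Returns sorted (file, line, message) findings."""
    findings, seen = [], defaultdict(list)
    for name, text in fc_files.items():
        for no, line in enumerate(text.splitlines(), 1):
            fields = line.split()
            if not fields or fields[0].startswith("#"):
                continue
            if len(fields) not in (2, 3) or (len(fields) == 3 and fields[1] not in FILE_TYPES):
                findings.append((name, no, "malformed entry"))
                continue
            path, ftype, ctx = fields[0], fields[1] if len(fields) == 3 else "", fields[-1]
            seen[(path, ftype)].append((name, no, ctx))
            if ctx == "<<none>>":
                continue
            parts = ctx.split(":")  # user:role:type:level[:categories]
            if len(parts) < 4:
                findings.append((name, no, f"context {ctx} has no level (e.g. :s0)"))
            if len(parts) >= 3 and parts[2] not in known_types:
                findings.append((name, no, f"type {parts[2]} is not defined"))
    # Same path regex and file type specified more than once, in any file.
    for (path, ftype), hits in seen.items():
        first = hits[0]
        for name, no, ctx in hits[1:]:
            findings.append((name, no, f"{path} {ftype or '(any)'} already labeled "
                             f"{first[2]} at {first[0]}:{first[1]}"))
    return sorted(findings)

# Constructed sample input, modeled on the entries quoted in the post.
TE = "type netmgr_conf_t;\ntype policy_script_t;\ntype otherpolicy_t;\n"
FC = {
    "netmgr.fc": "/etc/netmgr(/.*)? system_u:object_r:netmgr_conf_t\n"
                 "/var/run/netmgr\\.pid -- system_u:object_r:notdefined_yet_t:s0\n"
                 "/bin/myscript\\.sh -- system_u:object_r:policy_script_t:s0\n",
    "other.fc": "/bin/myscript\\.sh -- system_u:object_r:otherpolicy_t:s0\n",
}

if __name__ == "__main__":
    for f, n, msg in lint_fc(FC, declared_types(TE)):
        print(f"{f}:{n}: {msg}")
```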
Hope this helps save someone else out there some time.