CR-2026-03-10 vault-backup SELinux Policy Module — Rollback

Rollback Procedure

Trigger Conditions

Rollback if:

  • SELinux policy causes unexpected denials elsewhere

  • System instability after policy installation

  • Policy grants excessive permissions

Rollback Steps

# Remove the policy module
sudo semodule -r vault-backup
# Verify removal
semodule -l | grep vault
# Output: (empty)
Rollback will cause vault-backup.service to fail again. Revert only if policy causes other issues.

Rollback Verification

  • Policy module removed

  • No unexpected system behavior

  • Document reason for rollback