
[BUG] selinux.fcontext_policy_present can fail when a longer filespec exists which starts with the path of the new filespec #66252

Open
4 of 9 tasks
ndptech opened this issue Mar 21, 2024 · 0 comments
Labels
Bug broken, incorrect, or confusing behavior needs-triage

ndptech commented Mar 21, 2024

Description
A change introduced in 3006.3 to the selinux module function `_fcontext_add_or_delete_policy` checks for the presence of an existing matching context, and if one is found changes the action from "add" to "modify".

In certain corner cases, where a longer filespec is already defined, this detection can match other contexts, which then changes the action to "modify"; however, since the policy does not actually exist, the attempt to modify fails.

A change was made in 3006.5 which allowed regex filespecs to work better, but it still does not cover this case.

Setup

  • on-prem machine
  • VM (Virtualbox, KVM, etc. please specify)
  • VM running on a cloud service, please be explicit and add details
  • container (Kubernetes, Docker, containerd, etc. please specify)
  • or a combination, please be explicit
  • jails if it is FreeBSD
  • classic packaging
  • onedir packaging
  • used bootstrap to install

Steps to Reproduce the behavior

Use a state file `selinux.sls` containing:

```yaml
context1:
  selinux.fcontext_policy_present:
    - name: /usr/share/munin/plugins/mysql_queries
    - sel_type: services_munin_plugin_exec_t

context2:
  selinux.fcontext_policy_present:
    - name: /usr/share/munin/plugins/mysql_
    - sel_type: unconfined_munin_plugin_exec_t
```

Expected behavior
Both states should have succeeded.

Versions Report

```
salt --versions-report
Salt Version:
          Salt: 3006.5

Python Version:
        Python: 3.10.13 (main, Nov 15 2023, 04:34:27) [GCC 11.2.0]

Dependency Versions:
          cffi: 1.14.6
      cherrypy: unknown
      dateutil: 2.8.1
     docker-py: Not Installed
         gitdb: Not Installed
     gitpython: Not Installed
        Jinja2: 3.1.2
       libgit2: Not Installed
  looseversion: 1.0.2
      M2Crypto: Not Installed
          Mako: Not Installed
       msgpack: 1.0.2
  msgpack-pure: Not Installed
  mysql-python: Not Installed
     packaging: 22.0
     pycparser: 2.21
      pycrypto: Not Installed
  pycryptodome: 3.9.8
        pygit2: Not Installed
  python-gnupg: 0.4.8
        PyYAML: 6.0.1
         PyZMQ: 23.2.0
        relenv: 0.14.2
         smmap: Not Installed
       timelib: 0.2.4
       Tornado: 4.5.3
           ZMQ: 4.3.4

System Versions:
          dist: rocky 9.2 Blue Onyx
        locale: utf-8
       machine: x86_64
       release: 5.14.0-284.30.1.el9_2.x86_64
        system: Linux
       version: Rocky Linux 9.2 Blue Onyx
```
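An added illustration of the failure mode described in this report, written for this page and not taken from Salt's code: a loose lookup that treats any defined filespec starting with the requested path as "already present" turns the second state into a `modify` of a policy that does not exist, while an exact-filespec lookup correctly chooses `add`. The listing text, file types and all function names below are constructed for the example.

```python
# Illustrative model of the add-vs-modify decision; NOT Salt's implementation.
# Constructed listing in the style of `semanage fcontext -l` (not real system output):
#   <filespec>  <file type>  <SELinux context>
SAMPLE_FCONTEXT_LIST = """\
/usr/share/munin/plugins/mysql_queries  regular file  system_u:object_r:services_munin_plugin_exec_t:s0
/usr/share/munin/plugins(/.*)?          all files     system_u:object_r:munin_plugin_exec_t:s0
"""


def parse_fcontext_list(text):
    """Return (filespec, filetype, context) tuples from listing text."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        filespec, rest = line.split(None, 1)       # filespec never contains spaces
        filetype, context = rest.rsplit(None, 1)   # context is the last column
        entries.append((filespec, filetype.strip(), context))
    return entries


def lookup_by_prefix(entries, filespec):
    """Loose lookup (the buggy behaviour): a longer defined filespec that merely
    starts with the requested path counts as "already present"."""
    return [e for e in entries if e[0].startswith(filespec)]


def lookup_exact(entries, filespec):
    """Strict lookup: only an identical filespec counts as already present."""
    return [e for e in entries if e[0] == filespec]


def choose_action(entries, filespec, lookup):
    """Decide whether the file context policy must be added or modified."""
    return "modify" if lookup(entries, filespec) else "add"


def apply_policy(entries, filespec, lookup):
    """Simulate the semanage step: modifying a filespec that is not actually
    defined fails, exactly as the second state in the report does."""
    action = choose_action(entries, filespec, lookup)
    if action == "modify" and not lookup_exact(entries, filespec):
        return f"error: cannot modify {filespec}: no such file context"
    return action


if __name__ == "__main__":
    entries = parse_fcontext_list(SAMPLE_FCONTEXT_LIST)
    new = "/usr/share/munin/plugins/mysql_"        # context2 from the state file
    print(apply_policy(entries, new, lookup_by_prefix))  # error: cannot modify ...
    print(apply_policy(entries, new, lookup_exact))      # add
```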