diff --git a/playbooks/include/proxies-websites.yml b/playbooks/include/proxies-websites.yml
index 5159ecdff7..c56d4d07d4 100644
--- a/playbooks/include/proxies-websites.yml
+++ b/playbooks/include/proxies-websites.yml
@@ -11,31 +11,6 @@
   handlers:
   - import_tasks: "{{ handlers_path }}/restart_services.yml"
 
-
-  pre_tasks:
-  - name: install libsemanage
-    package:
-      state: present
-      name:
-      - policycoreutils-python-utils
-      - policycoreutils-python
-    tags:
-    - httpd
-    - httpd/website
-    when: (ansible_distribution == 'RedHat' and ansible_distribution_major_version|int < 8) or (ansible_distribution_major_version|int < 30 and ansible_distribution == 'Fedora')
-
-  - name: install libsemanage in a python3 manner
-    package:
-      state: present
-      name:
-      - python3-policycoreutils
-      - policycoreutils-python-utils
-    tags:
-    - httpd
-    - httpd/website
-    when: (ansible_distribution_major_version|int >= 30 and ansible_distribution == 'Fedora') or (ansible_distribution == 'RedHat' and ansible_distribution_major_version|int >= 8)
-
-
   - name: Create /srv/web/ for all the goodies.
     file: >
         dest=/srv/web state=directory
diff --git a/roles/base/tasks/main.yml b/roles/base/tasks/main.yml
index 0070a413ac..3967e4cf24 100644
--- a/roles/base/tasks/main.yml
+++ b/roles/base/tasks/main.yml
@@ -5,6 +5,9 @@
 # Things in here are things we want to do to every machine no matter what.
 #
 
+#
+# on rhel6 and rhel7 installing policycoreutils-python is all we need for ansible
+#
 - name: ensure packages required for semanage are installed (rhel 6 and 7)
   package: name={{ item }} state=present
   with_items:
@@ -13,6 +16,10 @@
   - selinux
   when: ansible_distribution_major_version|int < 8 and ansible_distribution == 'RedHat'
 
+# 
+# On fedora and rhel larger than 7, all we need is policycoreutils-python-utils, 
+# which in turn pulls in python3-policycoreutils
+#
 - name: ensure packages required for semanage are installed (fedora/rhel8)
   package: name=policycoreutils-python-utils state=present
   when: ansible_distribution_major_version|int > 7
diff --git a/roles/collectd/memcached/tasks/main.yml b/roles/collectd/memcached/tasks/main.yml
index f363df87de..4d6700c0fb 100644
--- a/roles/collectd/memcached/tasks/main.yml
+++ b/roles/collectd/memcached/tasks/main.yml
@@ -8,14 +8,6 @@
   - memcached
   notify: restart collectd
 
-- name: Ensure that semanage is present
-  package: name=policycoreutils-python state=present
-  tags:
-  - collectd/memcached
-  - collectd
-  - memcached
-  - selinux
-
 - name: lastly, set some selinux booleans
   seboolean: name=collectd_tcp_network_connect persistent=yes state=yes
   tags:
diff --git a/roles/download/tasks/main.yml b/roles/download/tasks/main.yml
index 914f30be99..bb6925cd24 100644
--- a/roles/download/tasks/main.yml
+++ b/roles/download/tasks/main.yml
@@ -3,10 +3,8 @@
   package: name={{ item }} state=present update_cache=yes
   with_items:
   - bzip2
-  - libsemanage-python 
   - mod_ssl
   - nfs-utils
-  - policycoreutils-python
   tags:
   - packages
 
diff --git a/roles/fedmsg/base/tasks/main.yml b/roles/fedmsg/base/tasks/main.yml
index fe11424c5c..d7100eeb55 100644
--- a/roles/fedmsg/base/tasks/main.yml
+++ b/roles/fedmsg/base/tasks/main.yml
@@ -42,15 +42,6 @@
   - fedmsg/base
   when: ansible_distribution_major_version|int < 31 and ansible_distribution == 'Fedora'
 
-- name: install needed packages
-  dnf:
-    name: ['policycoreutils-python-utils']
-    state: present
-  tags:
-  - packages
-  - fedmsg/base
-  when: ansible_distribution_major_version|int > 22
-
 # We only need this on el6.  On el7, the fedmsg package uses systemd-tempfiles
 # to generate this effect for us.  Note that at the bottom of this role we add
 # the nrpe user to the fedmsg group so that it has *write* permissions to a unix
diff --git a/roles/mailman/tasks/main.yml b/roles/mailman/tasks/main.yml
index 68cc3eb690..382f8b02e3 100644
--- a/roles/mailman/tasks/main.yml
+++ b/roles/mailman/tasks/main.yml
@@ -7,12 +7,6 @@
 # SELinux
 # TODO: switch to the sefcontext module when we update Ansible to 2.2+
 #
-- name: install semanage
-  package: name=policycoreutils-python state=present
-  tags:
-  - mailman
-  - selinux
-
 - name: set the SELinux policy for the configuration directory
   command: semanage fcontext -a -t etc_t "{{ mailman_webui_confdir }}(/.*)?"
   tags:
diff --git a/roles/pagure/fedmsg/tasks/main.yml b/roles/pagure/fedmsg/tasks/main.yml
index dcc89e64ff..e2168e6b18 100644
--- a/roles/pagure/fedmsg/tasks/main.yml
+++ b/roles/pagure/fedmsg/tasks/main.yml
@@ -8,7 +8,6 @@
   - fedmsg
   - libsemanage-python
   - python-psutil
-  - policycoreutils-python  # This is in the kickstart now.  Here for old hosts.
   tags:
   - packages
   - pagure
diff --git a/roles/torrent/tasks/main.yml b/roles/torrent/tasks/main.yml
index 0512d41c01..47f7ff81d9 100644
--- a/roles/torrent/tasks/main.yml
+++ b/roles/torrent/tasks/main.yml
@@ -11,7 +11,6 @@
   - mktorrent
   - python-simplejson
   - bittorrent
-  - policycoreutils-python
   tags:
   - packages
 
diff --git a/roles/unbound/tasks/main.yml b/roles/unbound/tasks/main.yml
index d2af556976..008f44190e 100644
--- a/roles/unbound/tasks/main.yml
+++ b/roles/unbound/tasks/main.yml
@@ -2,7 +2,6 @@
   package: name={{ item }} state=present
   with_items:
   - unbound
-  - policycoreutils-python
 
 - name: install unbound config
   copy: src=unbound.conf dest=/etc/unbound/unbound.conf mode=644