diff --git a/selinux-policy.changes b/selinux-policy.changes
index f4a57b2..0fe9e81 100644
--- a/selinux-policy.changes
+++ b/selinux-policy.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Wed May  8 11:06:43 UTC 2024 - Johannes Segitz <jsegitz@suse.com>
+
+- Fixed varrun-convert.sh script to not break because of duplicate
+  entries
+
 -------------------------------------------------------------------
 Mon May  6 07:44:20 UTC 2024 - Johannes Segitz <jsegitz@suse.com>
 
diff --git a/varrun-convert.sh b/varrun-convert.sh
index b41b5ca..270ce1e 100644
--- a/varrun-convert.sh
+++ b/varrun-convert.sh
@@ -37,6 +37,7 @@ if ! grep -q ^/var/run ${FILE_CONTEXTS}; then
 fi
 
 EXTRA_VARRUN_ENTRIES_WITHDUP="$OUTPUTDIR/extra_varrun_entries_dup.txt"
+EXTRA_VARRUN_ENTRIES_WITHDUP_TMP="$OUTPUTDIR/extra_varrun_entries_dup.tmp"
 EXTRA_VARRUN_ENTRIES="$OUTPUTDIR/extra_varrun_entries.txt"
 EXTRA_VARRUN_CIL="$OUTPUTDIR/extra_varrun.cil"
 
@@ -47,12 +48,21 @@ grep ^/var/run ${FILE_CONTEXTS} > ${EXTRA_VARRUN_ENTRIES_WITHDUP}
 sed -i 's/[ \t]\+/ /g' ${EXTRA_VARRUN_ENTRIES_WITHDUP}
 sed 's/[ \t]\+/ /g' ${FILE_CONTEXTS} > ${FILE_CONTEXTS_UNIFIED}
 
+rm -f $EXTRA_VARRUN_ENTRIES_WITHDUP_TMP
+touch $EXTRA_VARRUN_ENTRIES_WITHDUP_TMP
 # Deduplicate already existing /var/run=/run entries
 while read line
 do
   subline="${line#/var}"
   if ! grep -q "^${subline}" ${FILE_CONTEXTS_UNIFIED}; then
-    echo "$line"
+    # check for overal duplicate entries
+    subline2=$(echo $line | sed -E -e 's/ \S+$//')
+    if ! grep -q "^${subline2}" ${EXTRA_VARRUN_ENTRIES_WITHDUP_TMP}; then
+      echo "$line"
+      echo "$line" >> $EXTRA_VARRUN_ENTRIES_WITHDUP_TMP
+    else
+      >&2 echo "DUP: $line"
+    fi
   fi
 done < ${EXTRA_VARRUN_ENTRIES_WITHDUP} > ${EXTRA_VARRUN_ENTRIES}