Bug 151930

Summary: avc: denied { getattr } for pid=2388 exe=/bin/mktemp path=/tmp dev=tmpfs ino=5312 scontext=user_u:system_r:dhcpc_t tcontext=user_u:object_r:tmpfs_t tclass=dir
Product: [Fedora] Fedora Reporter: Orion Poplawski <orion>
Component: selinux-policy-targetedAssignee: Daniel Walsh <dwalsh>
Status: CLOSED RAWHIDE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: rawhide   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2005-04-07 16:22:17 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
Add restorcon patch none

Description Orion Poplawski 2005-03-23 17:35:42 UTC 
Description of problem:

Get the following audit on a freshly installed rawhide system:

avc:  denied  { getattr } for  pid=2388 exe=/bin/mktemp path=/tmp dev=tmpfs
ino=5312 scontext=user_u:system_r:dhcpc_t tcontext=user_u:object_r:tmpfs_t
tclass=dir

appears to prevent dhcp from setting /etc/resolv.conf properly.  

/tmp is a tmpfs filesystem


Version-Release number of selected component (if applicable):
selinux-policy-targeted-1.23.3-2.noarch.
Comment 1 Daniel Walsh 2005-03-24 21:38:38 UTC 
Created attachment 112338 [details]
Add restorcon patch
Comment 2 Daniel Walsh 2005-03-24 21:39:39 UTC 
Could you apply the above patch to /etc/rc.d/rc.sysinit 
and see if this fixes your problem
Comment 3 Orion Poplawski 2005-04-07 16:22:17 UTC 
Did not see this with a fresh install from today's rawhide.  rc.sysinit does not
appear to have this patch, so apparently it's not necessary anymore?

/tmp is labeled as tmp_t:

drwxrwxrwt  root     root     system_u:object_r:tmp_t          .