This looks like the log file is being created by some other process other then getty_t?  If getty_t process creates a file in /var/log it will be labeled getty_log_t according to policy.

Any chance the init script is creating this file?

systemctl stop mgetty
I will remove the local selinux rule
semanage fcontext -d --seuser system_u -t getty_log_t '/var/log/mgetty.*\.log.*'
and the log
cd /var/log/
mv mgetty.ttyACM0.log mgetty.ttyACM0.log.old
cd /tmp
systemctl start mgetty 
cd /var/log

ls -Zlh /var/log/mgetty.ttyACM0.log*
-rw-r--r--. 1 system_u:object_r:getty_log_t:s0 root root 1.9K Sep 16 20:34 /var/log/mgetty.ttyACM0.log
-rw-r--r--. 1 system_u:object_r:getty_log_t:s0 root root 112K Sep 15 03:46 /var/log/mgetty.ttyACM0.log.1
-rw-r--r--. 1 system_u:object_r:getty_log_t:s0 root root 108K Sep  8 04:02 /var/log/mgetty.ttyACM0.log.2
-rw-r--r--. 1 system_u:object_r:getty_log_t:s0 root root  94K Sep  1 04:40 /var/log/mgetty.ttyACM0.log.3
-rw-r--r--. 1 system_u:object_r:getty_log_t:s0 root root  32K Sep 16 20:27 /var/log/mgetty.ttyACM0.log.old

and Dan you are right the file is created correctly now, the avc appeared after updating the selinux-policy but before rebooting the machine so  at that time I tried restorecon -RFv /var/log/mgetty* but the file contexts didn't change so reported the bug, maybe I needed to reboot the machine first before report the AVC

so I'm closing the bug thanks, and thanks for your work in selinux, in earlier Fedora realases I have many custom allow selinux rules but now only have one

Gabriel

I updated to: 
selinux-policy-3.12.1-74.4.fc19.noarch
selinux-policy-devel-3.12.1-74.4.fc19.noarch
selinux-policy-targeted-3.12.1-74.4.fc19.noarch

and that triggered the bug because the update reset the log file context to:

ls -lZ /var/log/mgetty.ttyACM0.log*
-rw-r--r--. root root system_u:object_r:var_log_t:s0 /var/log/mgetty.ttyACM0.log
-rw-r--r--. root root system_u:object_r:var_log_t:s0 /var/log/mgetty.ttyACM0.log.1
-rw-r--r--. root root system_u:object_r:var_log_t:s0 /var/log/mgetty.ttyACM0.log.2

if I remove the /var/log/mgetty.ttyACM0.log and start
systemctl start mgetty
the log file is created correctly ls -lZ /var/log/mgetty.ttyACM0.log*

-rw-r--r--. root root system_u:object_r:getty_log_t:s0 /var/log/mgetty.ttyACM0.log
-rw-r--r--. root root system_u:object_r:var_log_t:s0 /var/log/mgetty.ttyACM0.log.1

but if I do restorecon -RFv /var/log/mgetty.ttyACM0.log*

restorecon reset /var/log/mgetty.ttyACM0.log context system_u:object_r:getty_log_t:s0->system_u:object_r:var_log_t:s0


thanks, 

Gabriel

commit 5daf31839f67b838ee23c91847b4d0b4bd70de4e
Author: Miroslav Grepl <mgrepl>
Date:   Mon Sep 30 16:17:29 2013 +0200

    Fix labeling for mgetty.* logs

selinux-policy-3.12.1-74.9.fc19 has been submitted as an update for Fedora 19.
https://admin.fedoraproject.org/updates/selinux-policy-3.12.1-74.9.fc19

Package selinux-policy-3.12.1-74.9.fc19:
* should fix your issue,
* was pushed to the Fedora 19 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing selinux-policy-3.12.1-74.9.fc19'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2013-18701/selinux-policy-3.12.1-74.9.fc19
then log in and leave karma (feedback).

selinux-policy-3.12.1-74.9.fc19 has been pushed to the Fedora 19 stable repository.  If problems still persist, please make note of it in this bug report.

selinux-policy-3.12.1-74.9.fc19 has been pushed to the Fedora 19 stable repository.  If problems still persist, please make note of it in this bug report.