Description of problem: running pdflatex from a staff_u user account [root@base pdftex]# pwd /usr/share/texlive/texmf-var/web2c/pdftex [root@base pdftex]# ls -lZ -rw-r--r--. root root system_u:object_r:initrc_tmp_t:s0 etex.fmt -rw-r--r--. root root system_u:object_r:initrc_tmp_t:s0 etex.log -rw-r--r--. root root system_u:object_r:initrc_tmp_t:s0 latex.fmt -rw-r--r--. root root system_u:object_r:initrc_tmp_t:s0 latex.log -rw-r--r--. root root system_u:object_r:initrc_tmp_t:s0 mptopdf.fmt -rw-r--r--. root root system_u:object_r:initrc_tmp_t:s0 mptopdf.log -rw-r--r--. root root system_u:object_r:initrc_tmp_t:s0 pdfetex.fmt -rw-r--r--. root root system_u:object_r:initrc_tmp_t:s0 pdfetex.log -rw-r--r--. root root system_u:object_r:initrc_tmp_t:s0 pdflatex.fmt -rw-r--r--. root root system_u:object_r:initrc_tmp_t:s0 pdflatex.log -rw-r--r--. root root system_u:object_r:initrc_tmp_t:s0 pdftex.fmt -rw-r--r--. root root system_u:object_r:initrc_tmp_t:s0 pdftex.log SELinux is preventing /usr/bin/pdftex from 'open' accesses on the file . ***** Plugin catchall (100. confidence) suggests ************************** If sie denken, dass es pdftex standardmässig erlaubt sein sollte, open Zugriff auf file zu erhalten. Then sie sollten dies als Fehler melden. Um diesen Zugriff zu erlauben, können Sie ein lokales Richtlinien-Modul erstellen. Do zugriff jetzt erlauben, indem Sie die nachfolgenden Befehle ausführen: # grep pdflatex /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context staff_u:staff_r:staff_t:s0-s0:c0.c1023 Target Context system_u:object_r:initrc_tmp_t:s0 Target Objects [ file ] Source pdflatex Source Path /usr/bin/pdftex Port <Unknown> Host (removed) Source RPM Packages texlive-pdftex-bin- svn30845.0-5.20131226_r32488.fc20.x86_64 Target RPM Packages Policy RPM selinux-policy-3.12.1-176.fc20.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 3.14.8-200.fc20.x86_64 #1 SMP Mon Jun 16 21:57:53 UTC 2014 x86_64 x86_64 Alert Count 1 First Seen 2014-07-13 22:04:38 CEST Last Seen 2014-07-13 22:04:38 CEST Local ID fc371e35-b991-4f4b-b5d8-3fa5d64276e7 Raw Audit Messages type=AVC msg=audit(1405281878.258:41130): avc: denied { open } for pid=11845 comm="pdflatex" path="/var/lib/texmf/web2c/pdftex/pdflatex.fmt" dev="sda4" ino=1330385 scontext=staff_u:staff_r:staff_t:s0-s0:c0.c1023 tcontext=system_u:object_r:initrc_tmp_t:s0 tclass=file type=SYSCALL msg=audit(1405281878.258:41130): arch=x86_64 syscall=open success=no exit=EACCES a0=124a2a1 a1=0 a2=1b6 a3=0 items=0 ppid=21523 pid=11845 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts2 ses=1064 comm=pdflatex exe=/usr/bin/pdftex subj=staff_u:staff_r:staff_t:s0-s0:c0.c1023 key=(null) Hash: pdflatex,staff_t,initrc_tmp_t,file,open Additional info: reporter: libreport-2.2.2 hashmarkername: setroubleshoot kernel: 3.14.8-200.fc20.x86_64 type: libreport
just ran restorecon -vR . on the directory and it fixed the type to tetex_data_t. I thought that i tried that already a few days ago. Seems to be fixed now.