Description of problem: AVC raised during freeipa-server installation on VM. Version-Release number of selected component (if applicable): freeipa-server-4.1.2-1.fc21 certmonger-0.76.8-1.fc21 selinux-policy-3.13.1-92.fc21 How reproducible: Always Steps to Reproduce: 1. Install: freeipa-server package 1. Run: ipa-server-install Actual results: AVC: time->Tue Dec 2 15:17:34 2014 type=AVC msg=audit(1417529854.112:1408): avc: denied { unlink } for pid=6112 comm="certmonger" name="20141126111856" dev="dm-0" ino=681800 scontext=system_u:system_r:certmonger_t:s0 tcontext=system_u:object_r:sssd_public_t:s0 tclass=file permissive=0 Expected results: no AVC Additional info: audit2allow: allow certmonger_t sssd_public_t:file unlink;
09a9acc5858c70aedc0dff1e2b544291aaa5222b allows this in git.
selinux-policy-3.13.1-105.fc21 has been submitted as an update for Fedora 21. https://admin.fedoraproject.org/updates/selinux-policy-3.13.1-105.fc21
Package selinux-policy-3.13.1-105.fc21: * should fix your issue, * was pushed to the Fedora 21 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing selinux-policy-3.13.1-105.fc21' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2015-1337/selinux-policy-3.13.1-105.fc21 then log in and leave karma (feedback).
selinux-policy-3.13.1-105.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.