Created attachment 1073536 [details] avc7.tar.gz Description of problem: After RHEVH installed,there are AVC denied errors (dev="tmpfs") in audit.log. Version: rhev-hypervisor7-7.1-20150911.0.el6ev ovirt-node-3.2.3-20.el7.noarch selinux-policy-3.13.1-23.el7_1.17.noarch How reproducible: 100% Steps to Reproduce: 1.RHEV-H installed successful. selinux in enforcing mode as default. 2.Login to rhevh, # grep "avc: denied" /var/log/audit/audit.log type=AVC msg=audit(1442218987.816:265): avc: denied { unlink } for pid=17150 comm="rm" name="ntp.conf.predhclient.em1" dev="tmpfs" ino=52480 scontext=unconfined_u:system_r:dhcpc_t:s0-s0:c0.c1023 tcontext=system_u:object_r:tmpfs_t:s0 tclass=file Actual results: AVC msgs in audit.log Expected results: No avc denied errors in audit.log. Additional info:
Test version: rhev-hypervisor7-7.2-20151025.0.el7ev ovirt-node-3.3.0-0.18.20151022git82dc52c.el7ev.noarch selinux-policy-3.13.1-60.el7.noarch Test steps: 1.RHEV-H installed successful. selinux in enforcing mode as default. 2.Login to rhevh, 3. Run command: # grep "avc: denied" /var/log/audit/audit.log Test result: No avc denied errors in audit.log. So the bug is fixed, change bug status to VERIFIED.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2016-0378.html