From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.2) Gecko/20040809 Epiphany/1.3.8 Description of problem: Starting mdmonitor: audit(1095188105.721:0): avc: denied { read } for pid=2789 exe=/sbin/mdadm name=mdstat dev=proc ino=-268435080 scontext=user_u:system_r:unconfined_t tcontext=system_u:object_r:proc_mdstat_t tclass=file Starting ntpd: [ OK ] audit(1095188122.323:0): avc: denied { name_bind } for pid=3050 exe=/usr/sbin/ntpd src=682 scontext=user_u:system_r:ntpd_t tcontext=system_u:object_r:reserved_port_t tclass=udp_socket audit(1095188122.331:0): avc: denied { name_bind } for pid=3050 exe=/usr/sbin/ntpd src=683 scontext=user_u:system_r:ntpd_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket audit(1095188122.341:0): avc: denied { name_bind } for pid=3050 exe=/usr/sbin/ntpd src=684 scontext=user_u:system_r:ntpd_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket The mdadm error repeats periodically and interferes with my use of the console. Version-Release number of selected component (if applicable): selinux-policy-targeted-1.17.14-1 How reproducible: Always
Yuck. This problem causes a messed-up initrd.img to be created if your root device happens to be on raid.
The mdadm bug is fixed by a patch I sent to selinux@tycho. Not sure about the ntpd one.
selinux-policy-targeted-1.17.16-2 should fix this problem.
I upgraded to selinux-policy-targeted-1.17.16-2 and no longer receive the ntpd error. (I have not received the mdadm error since Colin patched my sources yesterday afternoon, and upgrading to 16-2 did not cause the mdadm error to resurface.) I found 16-2 in dist/fc3-HEAD and not dist/fc3, and I'm not sure if that means this can be closed "RAWHIDE" or not.
It made it to FC3-re0915.0, so it's certainly going to be in FC3test2 and probably tomorrow's rawhide. Feel free to close it.