Description of problem: This is a continuation of the cert_t problem, but instead of dovecot, the culprit is now vsftpd. As an aside, I think I've seen bind do a similar thing at one stage (with the policy file from July 9), but I'll have to fiddle with it to verify... Version-Release number of selected component (if applicable): 1.25.1-7 How reproducible: Always. Additional info: Jul 12 17:51:23 beauty kernel: audit(1121154683.985:225): avc: denied { search } for pid=26291 comm="vsftpd" name="pki" dev=dm-0 ino=481589 scontext=root:sys tem_r:ftpd_t tcontext=system_u:object_r:cert_t tclass=dir Jul 12 17:51:23 beauty kernel: audit(1121154683.989:226): avc: denied { search } for pid=26291 comm="vsftpd" name="pki" dev=dm-0 ino=481589 scontext=root:sys tem_r:ftpd_t tcontext=system_u:object_r:cert_t tclass=dir
selinux-policy-targeted-1.25.2-4
Where can I find that one? The testing repository goes up to -3.
It should be going out tonight. You can grab a copy off of ftp://people.redhat.com/dwalsh/SELinux/FC4
Looking good! I'll close for now.