Description of problem: I'm getting - since introducing libsetrans - unnecessary avc denied messages: audit(1127126904.541:268): avc: denied { search } for pid=22987 comm="saslauthd" name="/" dev=selinuxfs ino=270 scontext=root:system_r: saslauthd_t tcontext=system_u:object_r:security_t tclass=dir and audit(1126900488.829:250): avc: denied { search } for pid=5725 comm="httpd" name="/" dev=selinuxfs ino=270 scontext=root:system_r:httpd_t tcontext=system_u: object_r:security_t tclass=dir Version-Release number of selected component (if applicable): selinux-policy-targeted-1.27.1-3 How reproducible: Do different things with saslauthd and httpd, but I can't really say, what action causes which message. Actual results: Unnecessary avc denied messages. This bug report looks to be related to "Re: NetworkManager wants security_t:file read..." on fedora-selinux-list (https:// www.redhat.com/archives/fedora-selinux-list/2005-September/msg00070.html). And are you sure, that your comment is the better one (rather Stephen Smalley's suggestion), anyway? Expected results: No avc denied messages any longer - in this case, of course ;-)
Fixed in selinux-policy-strict-1.27.1-4
Works & thanks, closing.