From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050922 Fedora/1.0.7-1.1.fc4 Firefox/1.0.7 Description of problem: audit.log reports denials to fstab-sync and dbus-daemon. See below for typical messages. Version-Release number of selected component (if applicable): selinux-policy-targeted-1.27.1-2.11 How reproducible: Always Steps to Reproduce: 1.Use FC4 updated nightly via yum 2.Install hal-0.5.2-2 and dbus-0.33-3.fc4.1 3.Plug in USB device 4. Check audit logs Expected Results: No denial errors for standard daemons. Additional info: From audit.log: type=AVC msg=audit(1129489817.456:9): avc: denied { write } for pid=1932 comm="fstab-sync" name="log" dev=tmpfs ino=4625 scontext=system_u:system_r:updfstab_t tcontext=system_u:object_r:device_t tclass=sock_file type=AVC msg=audit(1129489817.456:9): avc: denied { sendto } for pid=1932 comm="fstab-sync" name="log" scontext=system_u:system_r:updfstab_t tcontext=system_u:system_r:initrc_t tclass=unix_dgram_socket type=SYSCALL msg=audit(1129489817.456:9): arch=40000003 syscall=102 success=yes exit=0 a0=3 a1=bfbc9ed0 a2=aacff4 a3=81c9c24 items=1 pid=1932 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="fstab-sync" exe="/usr/sbin/fstab-sync"
This looks like this may be a hal/udev problem. Why is /dev/log labeled device_t. It should be labeled devlog_t which is what udev is supposed to give it. Dan
Closing due to lack of response.