Description of problem: Updating the kernel always shows grubby denied messages Version-Release number of selected component (if applicable): selinux-policy-targeted-2.3.3-20 selinux-policy-2.3.3-20 How reproducible: always Steps to Reproduce: 1. Install/upgrade kernel 2. 3. Actual results: Kernel update/install works just fine but 'grubby' seem to have some problems. audit(1154712574.821:13): avc: denied { search } for pid=5516 comm="grubby" name="root" dev=dm-0 ino=8028161 scontext=user_u:system_r:bootloader_t:s0 tcontext=system_u:object_r:default_t:s0 tclass=dir audit(1154712638.169:19): avc: denied { search } for pid=7251 comm="grubby" name="root" dev=dm-0 ino=8028161 scontext=user_u:system_r:bootloader_t:s0 tcontext=system_u:object_r:default_t:s0 tclass=dir audit(1154712646.018:20): avc: denied { search } for pid=8287 comm="grubby" name="root" dev=dm-0 ino=8028161 scontext=user_u:system_r:bootloader_t:s0 tcontext=system_u:object_r:default_t:s0 tclass=dir audit(1154712656.195:21): avc: denied { search } for pid=8320 comm="grubby" name="root" dev=dm-0 ino=8028161 scontext=user_u:system_r:bootloader_t:s0 tcontext=system_u:object_r:default_t:s0 tclass=dir audit(1154712900.454:23): avc: denied { search } for pid=10198 comm="grubby" name="root" dev=dm-0 ino=8028161 scontext=user_u:system_r:bootloader_t:s0 tcontext=system_u:object_r:default_t:s0 tclass=dir Expected results: no avc: denied { search } for pid=5516 comm="grubby" messages Additional info: This 'bug' seems to be here for some time.
Fixed in selinux-policy-2.3.14-3
Seems to be fixed.