Description of problem: A system which has too less disk space on / uses a bind mount for e.g. /var/spool/squid. After trying to enable selinux many warnings were seen. They did not go away after relabling. I believe, this is caused by the bind mount Version-Release number of selected component (if applicable): policycoreutils-1.18.1-4.9 How reproducible: After each relabel Steps to Reproduce: # grep squid /etc/fstab /mnt/extra/var/spool/squid /var/spool/squid ext3 bind 0 0 # mount | grep squid /mnt/extra/var/spool/squid on /var/spool/squid type ext3 (rw,bind) mount Actual results: Sep 24 18:57:29 proxy kernel: audit(1159117049.188:30): avc: denied { rename } for pid=3917 comm="squid" name="swap.state.clean" dev=sdc1 ino=230524 scontext=user_u:system_r:squid_t tcontext=user_u:object_r:file_t tclass=file Sep 24 18:57:29 proxy kernel: audit(1159117049.188:31): avc: denied { unlink } for pid=3917 comm="squid" name="swap.state" dev=sdc1 ino=230526 scontext=user_u:system_r:squid_t tcontext=user_u:object_r:file_t tclass=file Expected results: No such messages Additional info: Selinux is currently disabled for now, so I can't provide "ls -Z" at the moment.
file_t indicates that there are still files on the system that are labeled incorrectly. What kind of file system are you bind mounting? You could execute chcon -R system_u:object_r:squid_cache_t /mnt/extra/var/spool/squid Which should fix the problem
Filesystem is ext3 # mount |grep extra /dev/sdc1 on /mnt/extra type ext3 (rw) /mnt/extra/var/cache on /var/cache type ext3 (rw,bind) /mnt/extra/var/local on /var/local type ext3 (rw,bind) /mnt/extra/var/spool/squid on /var/spool/squid type ext3 (rw,bind) Looks like your workaround helped.