Description of problem: SELinux is preventing syslogd_t to relabelfrom and relabelto var_log_t file Version-Release number of selected component (if applicable): selinux-policy keylime Actual results: Tests show denials. Expected results: Tests won't show any denials. Additional info: From keylime point of view, the denials not cause any fails in testsuite. So maybe possible way how to solve it is dontaudit these rules. I'm not able to reproduce, it appears only in CI. time->Mon Oct 24 09:00:00 2022 type=AVC msg=audit(1666602000.233:861): avc: denied { relabelfrom } for pid=542 comm="journal-offline" name=".#user-1000" dev="nvme0n1p5" ino=74421 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:var_log_t:s0 tclass=file permissive=0 https://artifacts.dev.testing-farm.io/59192121-dab6-4a22-91be-d07f0335e0e9/
Also need to dontaudit thise rule: dontaudit syslogd_t var_log_t:file relabelto;
*** This bug has been marked as a duplicate of bug 2075527 ***