While troubleshooting a problem with the rhel4 xenU kernel, I found that I couldn't get a coredump from the xenU domain on my fc6 dom0. When I did a "setenforce 0" I was able to get it to work. The following avc messages were logged: Jan 3 10:19:41 dantu kernel: audit(1167837581.876:58): avc: denied { write } for pid=28891 comm="python" name="dump" dev=dm-2 ino=983042 scontext=user_u:system_r:xend_t:s0 tcontext=system_u:object_r:var_t:s0 tclass=dir Jan 3 10:19:41 dantu kernel: audit(1167837581.876:59): avc: denied { add_name } for pid=28891 comm="python" name="2007-0103-1019.41-rhel4.17.core" scontext=user_u:system_r:xend_t:s0 tcontext=system_u:object_r:var_t:s0 tclass=dir Jan 3 10:19:41 dantu kernel: audit(1167837581.876:60): avc: denied { create } for pid=28891 comm="python" name="2007-0103-1019.41-rhel4.17.core" scontext=user_u:system_r:xend_t:s0 tcontext=user_u:object_r:var_t:s0 tclass=file Jan 3 10:19:41 dantu kernel: audit(1167837581.888:61): avc: denied { write } for pid=28891 comm="python" name="2007-0103-1019.41-rhel4.17.core" dev=dm-2 ino=983043 scontext=user_u:system_r:xend_t:s0 tcontext=user_u:object_r:var_t:s0 tclass=file
I have: kernel-xen-2.6.18-1.2869.fc6 selinux-policy-targeted-2.4.6-13.fc6 xen-3.0.3-1.fc6 Let me know if you need other info.
You should be dumping under /var/lib/xen You are not allowed to dump elsewhere unless you label it xen_lib_t
Then xm dump-core is borked and this should be reassigned to that since it's hardcoded to dump to the wrong location.
The updated RPM xen-3.0.3-3.fc6 just pushed to updates-testing has moved the core dump directory to /var/lib/xen/dumps. This should resolve the AVC denial issue.