Description of problem:
When an interface is started with network device control, the following denials are seen:

Jan 7 13:52:41 localhost kernel: audit(1168203161.948:4): avc: denied { write } for pid=3048 comm="ifconfig" name="[10408]" dev=pipefs ino=10408 scontext=user_u:system_r:ifconfig_t:s0 tcontext=user_u:system_r:unconfined_t:s0 tclass=fifo_file
Jan 7 13:52:41 localhost kernel: audit(1168203161.949:6): avc: denied { read } for pid=3048 comm="ifconfig" name="[10402]" dev=pipefs ino=10402 scontext=user_u:system_r:ifconfig_t:s0 tcontext=user_u:system_r:unconfined_t:s0 tclass=fifo_file
Jan 7 13:52:43 localhost kernel: audit(1168203163.251:29): avc: denied { write } for pid=3088 comm="ip" name="[10408]" dev=pipefs ino=10408 scontext=user_u:system_r:ifconfig_t:s0 tcontext=user_u:system_r:unconfined_t:s0 tclass=fifo_file
Jan 7 13:52:43 localhost kernel: audit(1168203163.251:30): avc: denied { read } for pid=3088 comm="ip" name="[10402]" dev=pipefs ino=10402 scontext=user_u:system_r:ifconfig_t:s0 tcontext=user_u:system_r:unconfined_t:s0 tclass=fifo_file
Jan 7 13:52:43 localhost kernel: audit(1168203163.254:36): avc: denied { chown } for pid=3089 comm="cp" capability=0 scontext=user_u:system_r:dhcpc_t:s0 tcontext=user_u:system_r:dhcpc_t:s0 tclass=capability
Jan 7 13:52:43 localhost kernel: audit(1168203163.331:37): avc: denied { write } for pid=3097 comm="hostname" name="[10408]" dev=pipefs ino=10408 scontext=user_u:system_r:hostname_t:s0 tcontext=user_u:system_r:unconfined_t:s0 tclass=fifo_file
Jan 7 13:52:43 localhost kernel: audit(1168203163.332:38): avc: denied { read } for pid=3097 comm="hostname" name="[10402]" dev=pipefs ino=10402 scontext=user_u:system_r:hostname_t:s0 tcontext=user_u:system_r:unconfined_t:s0 tclass=fifo_file

Version-Release number of selected component (if applicable):
selinux-policy-2.4.5-4.fc5

All of these bugs should be fixed in FC6. You could attempt to use the FC6 policy on FC5 or upgrade. Or you could use audit2allow -M mypolicy -i /var/log/audit/audit.log and build a local customized policy.
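
Before loading a local module built from these denials, it helps to see exactly which permissions it would grant. The following is an added example, not part of the original report and not audit2allow's own code: it groups the seven denials quoted above into type-enforcement allow rules of the kind a local policy module contains. The function names, and the simplification that a matching source and target type is written as `self`, are assumptions of this example.

```python
import re
from collections import defaultdict

# The seven denials quoted in the report above, copied verbatim.
SAMPLE_LOG = """\
Jan 7 13:52:41 localhost kernel: audit(1168203161.948:4): avc: denied { write } for pid=3048 comm="ifconfig" name="[10408]" dev=pipefs ino=10408 scontext=user_u:system_r:ifconfig_t:s0 tcontext=user_u:system_r:unconfined_t:s0 tclass=fifo_file
Jan 7 13:52:41 localhost kernel: audit(1168203161.949:6): avc: denied { read } for pid=3048 comm="ifconfig" name="[10402]" dev=pipefs ino=10402 scontext=user_u:system_r:ifconfig_t:s0 tcontext=user_u:system_r:unconfined_t:s0 tclass=fifo_file
Jan 7 13:52:43 localhost kernel: audit(1168203163.251:29): avc: denied { write } for pid=3088 comm="ip" name="[10408]" dev=pipefs ino=10408 scontext=user_u:system_r:ifconfig_t:s0 tcontext=user_u:system_r:unconfined_t:s0 tclass=fifo_file
Jan 7 13:52:43 localhost kernel: audit(1168203163.251:30): avc: denied { read } for pid=3088 comm="ip" name="[10402]" dev=pipefs ino=10402 scontext=user_u:system_r:ifconfig_t:s0 tcontext=user_u:system_r:unconfined_t:s0 tclass=fifo_file
Jan 7 13:52:43 localhost kernel: audit(1168203163.254:36): avc: denied { chown } for pid=3089 comm="cp" capability=0 scontext=user_u:system_r:dhcpc_t:s0 tcontext=user_u:system_r:dhcpc_t:s0 tclass=capability
Jan 7 13:52:43 localhost kernel: audit(1168203163.331:37): avc: denied { write } for pid=3097 comm="hostname" name="[10408]" dev=pipefs ino=10408 scontext=user_u:system_r:hostname_t:s0 tcontext=user_u:system_r:unconfined_t:s0 tclass=fifo_file
Jan 7 13:52:43 localhost kernel: audit(1168203163.332:38): avc: denied { read } for pid=3097 comm="hostname" name="[10402]" dev=pipefs ino=10402 scontext=user_u:system_r:hostname_t:s0 tcontext=user_u:system_r:unconfined_t:s0 tclass=fifo_file
"""

# One AVC denial: the permission set, then source context, target context, class.
AVC_RE = re.compile(
    r"avc:\s+denied\s+\{(?P<perms>[^}]*)\}.*?"
    r"scontext=(?P<s>\S+)\s+tcontext=(?P<t>\S+)\s+tclass=(?P<cls>\S+)"
)

def context_type(ctx):
    # An SELinux context is user:role:type[:level]; allow rules key on the type.
    return ctx.split(":")[2]

def denials_to_rules(log_text):
    # Merge permissions per (source type, target type, class) so each rule is reviewed once.
    grouped = defaultdict(set)
    for m in AVC_RE.finditer(log_text):
        src, tgt = context_type(m["s"]), context_type(m["t"])
        if src == tgt:  # assumption of this example: same type is written as "self"
            tgt = "self"
        grouped[(src, tgt, m["cls"])].update(m["perms"].split())
    rules = []
    for (src, tgt, cls), perms in sorted(grouped.items()):
        names = sorted(perms)
        perm_str = names[0] if len(names) == 1 else "{ " + " ".join(names) + " }"
        rules.append(f"allow {src} {tgt}:{cls} {perm_str};")
    return rules

if __name__ == "__main__":
    print("\n".join(denials_to_rules(SAMPLE_LOG)))
```

The seven log lines collapse to three rules: two grant confined network tools read and write on pipes owned by `unconfined_t`, and one grants `dhcpc_t` the `chown` capability, which is the rule to scrutinise most closely before allowing it.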