Description of problem:SELinux is blocking access from /sbin/mii-tool to /var/log/wcstatus.log Version-Release number of selected component (if applicable): 1.60 How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: SELinux denied access requested by /sbin/mii-tool. It is not expected that this access is required by /sbin/mii-tool and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Expected results: Additional info: Source Context: system_u:system_r:ifconfig_t Target Context: user_u:object_r:var_log_t Target Objects: /var/log/wcstatus.log [ file ] Affected RPM Packages: net-tools-1.60-73 [application] Policy RPM: selinux-policy-2.4.6-35.fc6 Selinux Enabled: True Policy Type: targeted MLS Enabled: TrueE nforcing Mode: Enforcing Plugin Name: plugins.catchall_file Host Name: baldy Platform: Linux baldy 2.6.19-1.2911.fc6 #1 SMP Sat Feb 10 15:16:31 EST 2007 x86_64 x86_64Alert Count: 39762Line Numbers: Raw Audit Messages :
Reassigning to selinux-policy. Anyway I would strongly suggest to use ethtool instaed of mii-tool.
Here are the version of selinux packages I have installed. selinux-policy-2.4.6-35.fc6 libselinux-devel-1.33.4-2.fc6 selinux-policy-targeted-2.4.6-35.fc6 libselinux-1.33.4-2.fc6 libselinux-python-1.33.4-2.fc6 libselinux-devel-1.33.4-2.fc6 I just saw today that there is a selinux update available (-37) I'll update to that when I get home and let you know if the error message still exists.
This looks like a local customization. Why is mii-tool writing to a log /var/log/mcstatus.log? If you need this you can add customized local policy. audit2allow -M mymiipolicy < /var/log/audit/audit.log