Description of problem: SELinux denying a Version-Release number of selected component (if applicable): Affected RPM Packages: lvm2-2.02.17-1.fc6 [application]lvm2-2.02.17-1.fc6 [target]Policy RPM: selinux-policy-2.4.6-42.fc6 How reproducible: Unknown (may only be first time run) Steps to Reproduce: 1. Load System > Administration > Logical Volume Management 2. Look at logs Actual results: Two SELinux denials: avc: denied { write } for comm="lvm" cwd="/home/qoh102" dev=08:01 egid=0 euid=0 exe="/usr/sbin/lvm" exit=3 fsgid=0 fsuid=0 gid=0 inode=17171419 item=0 items=1 mode=0100600 name="/etc/lvm/.cache" obj=system_u:object_r:lvm_etc_t:s0 ogid=0 ouid=0 pid=4744 rdev=00:00 scontext=system_u:system_r:lvm_t:s0 sgid=0 subj=system_u:system_r:lvm_t:s0 suid=0 tclass=file tcontext=system_u:object_r:lvm_etc_t:s0 tty=(none) uid=0 avc: denied { unlink } for comm="lvm" cwd="/home/qoh102" dev=08:01 egid=0 euid=0 exe="/usr/sbin/lvm" exit=0 fsgid=0 fsuid=0 gid=0 inode=17172857 item=4 items=5 mode=0100600 name="/etc/lvm/.cache" obj=system_u:object_r:lvm_metadata_t:s0 ogid=0 ouid=0 pid=4744 rdev=00:00 scontext=system_u:system_r:lvm_t:s0 sgid=0 subj=system_u:system_r:lvm_t:s0 suid=0 tclass=file tcontext=system_u:object_r:lvm_etc_t:s0 tty=(none) uid=0 Expected results: No such errors! Additional info:
restorecon /etc/lvm/.cache will fix this problem. Some lvm app that is not running under a domain created this file, with the wrong label. Changing the label with restorecon will fix. newver versions of lvm have moved the cache to a directory with the correct label, so this will not happen in the future. You can use restorecond to make sure it does not happen on fc6.