Description of problem: After the last SELinux update, staticly addressed interfaces fail on network restart. Version-Release number of selected component (if applicable): selinux-policy-targeted-2.4.6-49.fc6 How reproducible: Always. Steps to Reproduce: 1. Update to selinux-policy-targeted-2.4.6-49.fc6 2. service network restart Actual results: # /etc/init.d/network restart Shutting down loopback interface: [ OK ] SIOCGIFFLAGS: No such device Bringing up loopback interface: [ OK ] Bringing up interface eth0: sysfs class device: Permission denied Error, some other host already uses address 192.168.xxx.xxx. [FAILED] Expected results: ]# /etc/init.d/network restart Shutting down interface eth0: [ OK ] Shutting down loopback interface: [ OK ] Bringing up loopback interface: [ OK ] Bringing up interface eth0: [ OK ] Additional info: Apr 10 21:47:42 damaestro kernel: audit(1176263262.961:22): avc: denied { search } for pid=5371 comm="arping" name="/" dev=sysfs ino=1 scontext=user_u:system_r:netutils_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=dir Apr 10 21:47:42 damaestro kernel: audit(1176263262.961:23): avc: denied { getattr } for pid=5371 comm="arping" name="eth0" dev=sysfs ino=3719 scontext=user_u:system_r:netutils_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=dir Apr 10 21:47:42 damaestro kernel: audit(1176263262.961:24): avc: denied { getattr } for pid=5371 comm="arping" name="broadcast" dev=sysfs ino=20448 scontext=user_u:system_r:netutils_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=file Apr 10 21:47:42 damaestro kernel: audit(1176263262.961:25): avc: denied { read } for pid=5371 comm="arping" name="broadcast" dev=sysfs ino=20448 scontext=user_u:system_r:netutils_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=file
selinux-policy-targeted-2.4.6-54.fc6 fixes this issue.
I want to point out the problem here was an update to arping which caused the problem, not the SELinux update. Not that this helps anyone inconvenienced by the problem