Description of problem: When run vgscan in enforce mode it fails with an denied message. When add LVM after installing Fedora, it will result in an possible unbootable system.(when mounting the logical volume in fstab) Version-Release number of selected component (if applicable): selinux-policy-targeted-2.4.6-54.fc6 How reproducible: every time Steps to Reproduce: 1.run vgscan in enforce mode Actual results: This denied message: type=AVC msg=audit(1176638158.025:1005): avc: denied { write } for pid=3892 comm="lvm" name=".cache" dev=md1 ino=7858258 scontext=user_u:system_r:lvm_t:s0 tcontex t=user_u:object_r:lvm_etc_t:s0 tclass=file type=SYSCALL msg=audit(1176638158.025:1005): arch=40000003 syscall=5 success=yes exit=3 a0=a0498d0 a1=8042 a2=1ff a3=8042 items=0 ppid=4447 pid=3892 auid=500 uid=0 g id=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts6 comm="lvm" exe="/usr/sbin/lvm" subj=user_u:system_r:lvm_t:s0 key=(null) type=AVC msg=audit(1176638158.027:1006): avc: denied { unlink } for pid=3892 comm="lvm" name=".cache" dev=md1 ino=7858258 scontext=user_u:system_r:lvm_t:s0 tconte Expected results: That it run's without any denied message.
restorecon /etc/lvm/.cache This file some times gets the wrong context on it. You can add this file to /etc/selinux/restorecond.conf And then run restorecond service, which should maintain the context. The file has been moved in FC7 to better maintain its context.