Description of problem: Get this (in /var/log/messages) booting latest rawhide: Apr 21 09:35:55 localhost kernel: audit(1177173338.205:7): avc: denied { search } for pid=1759 comm="readahead" name="audit" dev=dm-0 ino=11076215 scontext=system_u:system_r:readahead_t:s0 tcontext=system_u:object_r:auditd_etc_t:s0 tclass=dir /etc/readahead.d/early.sorted has: 448 /etc/audit/auditd.conf Version-Release number of selected component (if applicable): readahead-1.4.1-2.fc7 How reproducible: every time Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
Hmm... the readahead should be able to read all files that system uses during boot. Note there is few files (like /var/lib/random-seed) that will be removed from the default readahead lists in the next update, because these files are from very early boot time (time before /etc/init.d/readahead_early execution). But the file /etc/audit/auditd.conf definitely belong to readahead list.
Seems to be gone with selinux-policy-targeted-2.6.1-1.fc7 Didn't see anything in the changelog. Close?
Sorry must of missed this change.