Description of problem: I try to restart the network using either /etc/init.d/network restart or service network restart as root Version-Release number of selected component (if applicable): SysVinit-2.86-16 [application] How reproducible: Every time I reboot the network. Although I have set SELinux to Permissive. Steps to Reproduce: 1. Restart the network 2. Have the settroubleshoot browser jump up with the error message Additional Info: I'll add the whole browser info for your viewing please :) Summary SELinux is preventing /sbin/killall5 (dhcpc_t) "ptrace" to exe (initrc_t). Detailed Description SELinux denied access requested by /sbin/killall5. It is not expected that this access is required by /sbin/killall5 and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access You can generate a local policy module to allow this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. Additional Information Source Context user_u:system_r:dhcpc_t:s0 Target Context user_u:system_r:initrc_t:s0 Target Objects exe [ process ] Affected RPM Packages SysVinit-2.86-16 [application] Policy RPM selinux-policy-2.6.1-1.fc7 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Permissive Plugin Name plugins.catchall Host Name localhost.localdomain Platform Linux localhost.localdomain 2.6.20-1.3104.fc7 #1 SMP Sat Apr 21 22:20:43 EDT 2007 i686 athlon Alert Count 1 First Seen Wed 25 Apr 2007 08:28:29 AM WST Last Seen Wed 25 Apr 2007 08:28:29 AM WST Local ID e71db897-ff2b-4688-b6a7-94d311fabfc3 Line Numbers Raw Audit Messages avc: denied { ptrace } for comm="pidof" dev=proc egid=0 euid=0 exe="/sbin/killall5" exit=9 fsgid=0 fsuid=0 gid=0 items=0 name="exe" pid=5065 scontext=user_u:system_r:dhcpc_t:s0 sgid=0 subj=user_u:system_r:dhcpc_t:s0 suid=0 tclass=process tcontext=user_u:system_r:initrc_t:s0 tty=pts0 uid=0
Why are you running in permissive mode. More avc messages are generated in permissive mode, Since a prior dontaudit denial my have prevented this avc. Do you see this message when in enforcing mode?
Just switched to enforcing and no I haven't come across it yet. If I do I'll repost but at this point in time just mark it as not a bug if you can.
Reopen if you see a problem.