Description of problem: selinux interecepts my haldaemon so I can't start it (HAL) Version-Release number of selected component (if applicable): rpm -q selinux-policy selinux-policy-2.6.2-1.fc7 How reproducible: always Steps to Reproduce: 1. service haldaemon start Actual results: nasty messages in /var/log/audit/audit.log Expected results: no intereception Additional info: messages are like this: type=AVC msg=audit(1178610564.321:25): avc: denied { write } for pid=3243 comm="hald-generate-f" name="hald" dev=dm-0 ino=131674 scontext=user_u:system_r:hald_t:s0 tcontext=system_u:object_r:var_t:s0 tclass=dir type=SYSCALL msg=audit(1178610564.321:25): arch=c000003e syscall=2 success=no exit=-13 a0=7ffffdbb47b0 a1=242 a2=1a4 a3=7ffffdbb45b6 items=0 ppid=3242 pid=3243 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="hald-generate-f" exe="/usr/libexec/hald-generate-fdi-cache" subj=user_u:system_r:hald_t:s0 key=(null) type=AVC msg=audit(1178610564.329:26): avc: denied { read } for pid=3241 comm="hald" name="fdi-cache" dev=dm-0 ino=131842 scontext=user_u:system_r:hald_t:s0 tcontext=user_u:object_r:var_t:s0 tclass=file type=SYSCALL msg=audit(1178610564.329:26): arch=c000003e syscall=2 success=no exit=-13 a0=43b0ef a1=0 a2=12 a3=3 items=0 ppid=3240 pid=3241 auid=4294967295 uid=68 gid=68 euid=68 suid=68 fsuid=68 egid=68 sgid=68 fsgid=68 tty=(none) comm="hald" exe="/usr/sbin/hald" subj=user_u:system_r:hald_t:s0 key=(null)
This looks like a labeling problem on /var/cache/hald. restorecon -R -v /var/cache/hald should clean it up. Not sure how it got mislabeled.