Description of problem: When executing the following commands: hwclock --set --date "1/1/2000 00:00:00" hwclock --utc --systohc as init process, the following AVC errors are obtained: type=SYSCALL msg=audit(1178819431.189:1845): arch=40000003 syscall=5 success=no exit=-13 a0=90e2c48 a1=0 a2=40171ff4 a3=90e1a68 items=0 ppid=13457 pid=13460 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="hwclock" exe="/sbin/hwclock" subj=system_u:system_r:hwclock_t:s0 key=(null) type=AVC msg=audit(1178819431.189:1845): avc: denied { search } for pid=13460 comm="hwclock" name="mnt" dev=dm-0 ino=16613377 scontext=system_u:system_r:hwclock_t:s0 tcontext=system_u:object_r:mnt_t:s0 tclass=dir If those commands are run as root though, no errors are given. Version-Release number of selected component (if applicable): RHEL5-GA How reproducible: Everytime Steps to Reproduce: 1. Put those commands in a script, and place it in the /etc/rc3.d dir as a start script. 2. reboot the machine 3. Actual results: AVC errors are thrown Expected results: No errors should be given. Additional info: You can run these in the rhts system... The test is /kernel/security/audit/audit-test-1212
Note that this does happen with the latest selinux-policy package (selinux-policy-2.4.6-67.el5) package as well.
Why would hwclock be searching the mnt_t directory?
This error is due to a failure in the loading of RHTS test policy.