Description of problem:
SELinux denied access requested by /usr/sbin/blktapctrl. It is not expected that
this access is required by /usr/sbin/blktapctrl and this access may signal an
intrusion attempt. It is also possible that the specific version or
configuration of the application is causing it to require additional access.

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1. Create a new Virtual machine using Virtual Machine Manager
2. System Name: CentOS5
3. Virtualized Method:Paravirtualized
4. Install Media URL : /media/SCSI0_VOL1/Linux_Distros/CentOS-5.0-x86_64-bin-DVD.iso
5. Simple File (/home/tinh/xen/CentOS5)with Allocate entire disk now check (6GB)
6. Virtual Network (default)
7. VM Max Memory: 512MB, VM Startup Memory: 512 MB, VCPUs: 2
8. 
  
Actual results:


Expected results:


Additional info:
Source Context:  system_u:system_r:xend_tTarget
Context:  system_u:object_r:var_run_tTarget Objects:  tap [ dir ]Affected RPM
Packages:  xen-3.1.0-0.rc7.1.fc7 [application]Policy
RPM:  selinux-policy-2.6.4-13.fc7Selinux Enabled:  TruePolicy Type:  targetedMLS
Enabled:  TrueEnforcing Mode:  EnforcingPlugin Name:  plugins.catchall_fileHost
Name:  localhost.localdomainPlatform:  Linux localhost.localdomain
2.6.20-2925.9.fc7xen #1 SMP Tue May 22 09:29:36 EDT 2007 x86_64 x86_64Alert
Count:  1First Seen:  Thu 07 Jun 2007 04:07:00 PM ICTLast Seen:  Thu 07 Jun 2007
04:07:00 PM ICTLocal ID:  934b71c8-b8d8-4a03-9178-034d395e54d2Line Numbers:  Raw
Audit Messages :avc: denied { create } for comm="blktapctrl" egid=0 euid=0
exe="/usr/sbin/blktapctrl" exit=-13 fsgid=0 fsuid=0 gid=0 items=0 name="tap"
pid=3065 scontext=system_u:system_r:xend_t:s0 sgid=0
subj=system_u:system_r:xend_t:s0 suid=0 tclass=dir
tcontext=system_u:object_r:var_run_t:s0 tty=(none) uid=0