Description of problem: After installing nethack, I get the following error nightly: avc: denied { create } for comm="prelink" egid=0 euid=0 exe="/usr/sbin/prelink" exit=-13 fsgid=0 fsuid=0 gid=0 items=0 name="nethack.#prelink#.cNGQAs" pid=20166 scontext=user_u:system_r:prelink_t:s0 sgid=0 subj=user_u:system_r:prelink_t:s0 suid=0 tclass=file tcontext=user_u:object_r:usr_t:s0 tty=(none) uid=0 After a brief investigation of this problem, my best guess is that prelink is trying to create a temporary file in /usr/games/nethack-3.4.3/. As this isn't a regular location for binaries, it's not allowed to do this. Although I haven't yet tinkered with the new modular SELinux stuff, my understanding is that this is now an application packaging issue rather than a central SELinux policy issue. Version-Release number of selected component (if applicable): nethack-3.4.3-12.el5.1.i386 selinux-policy-targeted-2.4.6-30.el5.noarch How reproducible: Always Steps to Reproduce: 1. Install nethack 2. Leave SELinux in Enforcing mode 3. Wait for prelink to run Actual results: As above. Expected results: Prelink functions correctly. Additional info:
13:58 =dwalsh> upgrade to the latest selinux policy. 13:58 =dwalsh> people.redhat.com/dwalsh/SELinux/RHEL5 13:59 =dwalsh> Should take care of it.