Description of problem: There are some denials during boot Version-Release number of selected component (if applicable): rpm -q selinux-policy selinux-policy-2.6.5-2.fc8 How reproducible: always Steps to Reproduce: 1. touch /.autorelabel 2. reboot 3. see into log - there're some denials Actual results: Jun 18 14:42:52 traged kernel: audit(1182177722.179:2): enforcing=1 old_enforcing=0 auid=4294967295 Jun 18 14:42:52 traged kernel: audit(1182177722.690:3): policy loaded auid=4294967295 Jun 18 14:42:52 traged kernel: audit(1182177724.787:4): avc: denied { read write } for pid=490 comm="restorecon" name="console" dev=tmpfs ino=1114 scontext=system_u:system_r:setfiles_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=chr_file Jun 18 14:42:52 traged kernel: audit(1182177724.788:5): avc: denied { read write } for pid=490 comm="restorecon" name="console" dev=tmpfs ino=1114 scontext=system_u:system_r:setfiles_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=chr_file Jun 18 14:42:52 traged kernel: audit(1182177724.788:6): avc: denied { read write } for pid=490 comm="restorecon" name="console" dev=tmpfs ino=1114 scontext=system_u:system_r:setfiles_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=chr_file Jun 18 14:42:52 traged kernel: audit(1182177724.789:7): avc: denied { write } for pid=490 comm="restorecon" name="null" dev=tmpfs ino=1110 scontext=system_u:system_r:setfiles_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=chr_file Jun 18 14:42:53 traged kernel: audit(1182170566.212:8): avc: denied { getattr } for pid=1797 comm="dhclient-script" name="setfiles" dev=dm-0 ino=196884 scontext=system_u:system_r:dhcpc_t:s0 tcontext=system_u:object_r:setfiles_exec_t:s0 tclass=file Jun 18 14:42:53 traged kernel: audit(1182170570.157:9): audit_pid=1943 old=0 by auid=4294967295 subj=system_u:system_r:auditd_t:s0 Expected results: boot without any denial
I'm not able reproduce this with latest selinux-policy Adam