Description of problem: This evening I updated my laptop from F8 test1 to the latest rawhide packages. Upon rebooting neither of the network interfaces would come up. Further investigation revealed that there were SELinux denials with haldaemon - when I changed to permissive mode, I could start haldaemon and the wireless interface worked: Summary SELinux is preventing /usr/sbin/hald (hald_t) "read" to reload (var_lib_t). Detailed Description SELinux denied access requested by /usr/sbin/hald. It is not expected that this access is required by /usr/sbin/hald and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for reload, restorecon -v reload If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. Additional Information Source Context root:system_r:hald_t Target Context system_u:object_r:var_lib_t Target Objects reload [ file ] Affected RPM Packages hal-0.5.10-0.git20070731.fc8.1 [application] Policy RPM selinux-policy-3.0.5-5.fc8 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Permissive Plugin Name plugins.catchall_file Host Name vaio Platform Linux vaio 2.6.23-0.101.rc2.git5.fc8 #1 SMP Sun Aug 12 20:38:58 EDT 2007 x86_64 x86_64 Alert Count 1 First Seen Mon Aug 13 21:23:52 2007 Last Seen Mon Aug 13 21:23:52 2007 Local ID c891cee8-9736-4e0e-8755-f50896b3efb8 Line Numbers Raw Audit Messages avc: denied { read } for comm="hald" dev=dm-5 egid=0 euid=0 exe="/usr/sbin/hald" exit=1 fsgid=0 fsuid=0 gid=0 items=0 name="reload" pid=3243 scontext=root:system_r:hald_t:s0 sgid=0 subj=root:system_r:hald_t:s0 suid=0 tclass=file tcontext=system_u:object_r:var_lib_t:s0 tty=(none) uid=0 Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
restorecon -R -v /var/lib This is a labeling problem. I am not sure why the upgrade did not fix the label.