Description of problem: Summary SELinux is preventing /usr/sbin/NetworkManager (NetworkManager_t) "write" to /var/log/pm-suspend.log (hald_log_t). Detailed Description SELinux denied access requested by /usr/sbin/NetworkManager. It is not expected that this access is required by /usr/sbin/NetworkManager and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Additional Information Source Context: system_u:system_r:NetworkManager_t:s0 Target Context: system_u:object_r:hald_log_t:s0Target Objects: /var/log/pm-suspend.log [ file ]Affected RPM Packages: NetworkManager-0.7.0-0.6.6.svn3138.fc8 [application]pm-utils-0.99.4-6.fc8 [target]Policy RPM: selinux-policy-3.0.8-72.fc8 Selinux Enabled: TruePolicy Type: targeted MLS Enabled: True Enforcing Mode: Enforcing Plugin Name: plugins.catchall_file Host Name: bach.myhome.net Platform: Linux bach.myhome.net 2.6.23.9-85.fc8 #1 SMP Fri Dec 7 15:49:59 EST 2007 i686 i686Alert Count: 4First Seen: Fri 11 Jan 2008 06:15:26 AM CSTLast Seen: Sat 12 Jan 2008 01:02:00 PM CSTLocal ID: 9a9049cf-b054-4924-b7a6-9dff384eb9c6Line Numbers: Raw Audit Messages :avc: denied { write } for comm=NetworkManager dev=dm-0 egid=0 euid=0 exe=/usr/sbin/NetworkManager exit=0 fsgid=0 fsuid=0 gid=0 items=0 path=/var/log/pm-suspend.log pid=3118 scontext=system_u:system_r:NetworkManager_t:s0 sgid=0 subj=system_u:system_r:NetworkManager_t:s0 suid=0 tclass=file tcontext=system_u:object_r:hald_log_t:s0 tty=(none) uid=0 Version-Release number of selected component (if applicable): How reproducible: Always happens on suspend/resume Steps to Reproduce: 1. Start NetworkManager 2. Suspend to Ram 3. Resume Actual results: Expected results: Additional info:
You can allow this for now by executing # audit2allow -M mypol -i /var/log/audit/audit.log # semodule -i mypol.pp Fixed in selinux-policy-3.0.8-81.fc8
Bugs have been in modified for over one month. Closing as fixed in current release please reopen if the problem still persists.