Description of problem: avc: denied { read } for comm=rpc.statd dev=dm-0 egid=0 euid=0 exe=/sbin/rpc.statd exit=-13 fsgid=0 fsuid=0 gid=0 items=0 name=services pid=6828 scontext=unconfined_u:system_r:rpcd_t:s0 sgid=0 subj=unconfined_u:system_r:rpcd_t:s0 suid=0 tclass=file tcontext=system_u:object_r:rpm_script_tmp_t:s0 tty=(none) uid=0 Version-Release number of selected component (if applicable): selinux-policy 3.0.8 74.fc8 setroubleshoot-server 1.10.7 1.fc8 nfs-utils 1.1.0 6.fc8 x86_64 How reproducible: Very much so. Steps to Reproduce: 1. # /etc/init.d/nfslock start 2. "watch the output" Actual results: Starting NFS statd: [FAILED] Expected results: Starting NFS statd: [OK] Additional info: Source Context unconfined_u:system_r:rpcd_t Target Context system_u:object_r:rpm_script_tmp_t Target Objects None [ file ] Affected RPM Packages nfs-utils-1.1.0-6.fc8 [application] Policy RPM selinux-policy-3.0.8-74.fc8 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name plugins.home_tmp_bad_labels Host Name grayf Platform Linux grayf 2.6.23.9-85.fc8 #1 SMP Fri Dec 7 15:49:36 EST 2007 x86_64 x86_64 Alert Count 10 First Seen Mon Jan 21 18:36:17 2008 Last Seen Mon Jan 21 18:39:21 2008 Local ID 0669cea2-c098-4d1b-ac24-b07a9cd337f4 Line Numbers
I can reproduce this on my other F8 machine (i686 athlon arch) that has the same versions of packages.
restorecon /etc/services Some rpm in it post install script is editing the /etc/services file in /tmp and then mv'ing it to /etc. THis is causing the labels to be wrong. Running restorecon on the file will fix. If you know which rpm is causing the problem, open an bugzilla on it to tell them to run restorecon when they are done. restorecond could be used to watch this file, in the future. Marking this as notabug since this is not a bug with policy but a bug with some other package.
*** Bug 310601 has been marked as a duplicate of this bug. ***