Description of problem: Cannot recover from F8 amanda tape server. Get the following denials: audit(1208978772.401:25): avc: denied { add_name } for pid=25186 comm="amidxtaped" name="log" scontext=root:system_r:amanda_t:s0-s0:c0.c1023 tcontext=system_u:object_r:amanda_data_t:s0 tclass=dir audit(1208978772.407:26): avc: denied { write } for pid=25186 comm="amidxtaped" name="info" dev=sdc1 ino=97 scontext=root:system_r:amanda_t:s0-s0:c0.c1023 tcontext=root:object_r:file_t:s0 tclass=file It creates /var/lib/amanda/<config>/log. info is being written to the amanda vtape directory. Unfortunately, this can be anywhere really. So I need to label it properly. I'm assuming amanda_data_t would be correct? Version-Release number of selected component (if applicable): selinux-policy-3.0.8-95.fc8
Yes, Sorry missed this one last week. How did you end up with files labeled file_t?
(In reply to comment #1) > Yes, Sorry missed this one last week. How did you end up with files labeled > file_t? Well, it's a removable disk, so it was created with mkfs who knows how long ago at this point. I'm fully expecting that I'll need to label it manually, just need to know what that should be.
amanda_data_t should be correct. I would just mount it and run restorecon on it.
That should handle the second error, but what about this one: udit(1208978772.401:25): avc: denied { add_name } for pid=25186 comm="amidxtaped" name="log" scontext=root:system_r:amanda_t:s0-s0:c0.c1023 tcontext=system_u:object_r:amanda_data_t:s0 tclass=dir
Oops missed that. -Fixed in selinux-policy-3.3.1-48.fc9