While testing some cluster suite stuff with selinux in enforcing, I get the AVCs below using selinux-policy-targeted-2.4.6-137.el5:

When trying to authenticate:

type=AVC msg=audit(1217259698.328:8216): avc: denied { read } for pid=4501 comm="saslauthd" name="passwd" dev=dm-0 ino=2621553 scontext=system_u:system_r:saslauthd_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file

Trying to get cluster status:

type=AVC msg=audit(1217259762.498:8226): avc: denied { read } for pid=4446 comm="oddjobd" name="passwd" dev=dm-0 ino=2621553 scontext=system_u:system_r:oddjob_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file
You have a mislabeled system. Your passwd file should not be labeled file_t. This means that SELinux labels were never applied to this file. You can add a label by using the restorecon command.

restorecon /etc/passwd

If you see other file_t contexts then the entire machine might need to be relabeled.

touch /.autorelabel
reboot

If you are mv'ing files off of an unlabeled device you might need to put labels onto them by using restorecon.
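
Added example (not part of the original thread): a small triage script that parses AVC denials and separates the case diagnosed above, a target that never received a label, from denials against properly labeled files. The function names and the third sample record are constructed for illustration.

```python
import re

# Types that mean no SELinux label was applied: file_t (named in the thread)
# and unlabeled_t (the policy's type for objects with no valid context).
UNLABELED_TYPES = {"file_t", "unlabeled_t"}
AVC_RE = re.compile(r"avc:\s+denied\s+\{(?P<perms>[^}]*)\}\s+for\s+(?P<fields>.*)")
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_avc(line):
    """Return a dict of fields for one AVC denial, or None for other lines."""
    m = AVC_RE.search(line)
    if not m:
        return None
    rec = {k: v.strip('"') for k, v in FIELD_RE.findall(m.group("fields"))}
    rec["perms"] = m.group("perms").split()
    # A context is user:role:type[:level]; the type is the third field.
    for key in ("scontext", "tcontext"):
        parts = rec.get(key, "").split(":")
        rec[key + "_type"] = parts[2] if len(parts) >= 3 else None
    return rec

def mislabeled_targets(lines):
    """Map (dev, inode, name) of each unlabeled target to the denied domains."""
    found = {}
    for line in lines:
        rec = parse_avc(line)
        if rec and rec["tcontext_type"] in UNLABELED_TYPES:
            key = (rec.get("dev"), rec.get("ino"), rec.get("name"))
            found.setdefault(key, set()).add(rec["scontext_type"])
    return found

SAMPLE = [
    # The two denials quoted in the report above.
    'type=AVC msg=audit(1217259698.328:8216): avc: denied { read } for pid=4501 comm="saslauthd" name="passwd" dev=dm-0 ino=2621553 scontext=system_u:system_r:saslauthd_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file',
    'type=AVC msg=audit(1217259762.498:8226): avc: denied { read } for pid=4446 comm="oddjobd" name="passwd" dev=dm-0 ino=2621553 scontext=system_u:system_r:oddjob_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file',
    # Constructed contrast record: target carries a real label (etc_t), so it
    # is a policy question rather than a labeling problem.
    'type=AVC msg=audit(1217259800.000:8300): avc: denied { write } for pid=4600 comm="exampled" name="example.conf" dev=dm-0 ino=1234 scontext=system_u:system_r:initrc_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file',
]

if __name__ == "__main__":
    for (dev, ino, name), domains in mislabeled_targets(SAMPLE).items():
        # The audit record has only the basename, so report dev and inode too.
        print(f"unlabeled target name={name} dev={dev} ino={ino} "
              f"denied domains: {', '.join(sorted(domains))}")
```

Both denials from the report collapse to a single inode, which matches the diagnosis: one unlabeled file hit by two confined domains, fixed by restorecon rather than by a policy change.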