Description of problem: Summary: SELinux is preventing dhcdbd (dhcpc_t) "read" to /etc/dbus-1/system.d (dbusd_etc_t). Detailed Description: SELinux denied access requested by dhcdbd. It is not expected that this access is required by dhcdbd and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for /etc/dbus-1/system.d, restorecon -v '/etc/dbus-1/system.d' If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Additional Information: Source Context system_u:system_r:dhcpc_t Target Context system_u:object_r:dbusd_etc_t Target Objects /etc/dbus-1/system.d [ dir ] Source dhcdbd Source Path /sbin/dhcdbd Port <Unknown> Host localhost.localdomain Source RPM Packages dhcdbd-2.2-1.el5 Target RPM Packages dbus-1.0.0-7.el5 Policy RPM selinux-policy-2.4.6-137.1.el5_2 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall_file Host Name localhost.localdomain Platform Linux localhost.localdomain 2.6.18-92.1.10.el5 #1 SMP Wed Jul 23 03:56:11 EDT 2008 x86_64 x86_64 Alert Count 6 First Seen Fri 22 Aug 2008 11:04:20 AM EDT Last Seen Sat 23 Aug 2008 03:10:05 PM EDT Local ID ac0244b5-6de6-457a-9f8f-7fae40e52a9f Line Numbers Raw Audit Messages host=localhost.localdomain type=AVC msg=audit(1219518605.165:232): avc: denied { read } for pid=14286 comm="dhcdbd" path="/etc/dbus-1/system.d" dev=hda6 ino=2091393 scontext=system_u:system_r:dhcpc_t:s0 tcontext=system_u:object_r:dbusd_etc_t:s0 tclass=dir host=localhost.localdomain type=SYSCALL msg=audit(1219518605.165:232): arch=c000003e syscall=59 success=yes exit=0 a0=da9910 a1=d8edf0 a2=d9b670 a3=6266373939333838 items=0 ppid=14285 pid=14286 auid=4294967295 uid=81 gid=81 euid=81 suid=81 fsuid=81 egid=81 sgid=81 fsgid=81 tty=(none) ses=4294967295 comm="dhcdbd" exe="/sbin/dhcdbd" subj=system_u:system_r:dhcpc_t:s0 key=(null) Additional info: "restorecon -v '/etc/dbus-1/system.d'" does not fix this -- the context is the same before and after.
Fixed in selinux-policy-2.4.6-149.el5 Preview available on http://people.redhat.com/dwalsh/SELinux/RHEL5
This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux maintenance release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux Update release for currently deployed products. This request is not yet committed for inclusion in an Update release.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2009-0163.html