The messages that I get are: -------------------- Summary: SELinux is preventing the ntpd from using potentially mislabeled files (./services). Detailed Description: SELinux has denied ntpd access to potentially mislabeled file(s) (./services). This means that SELinux will not allow ntpd to use these files. It is common for users to edit files in their home directory or tmp directories and then move (mv) them to system directories. The problem is that the files end up with the wrong file context which confined applications are not allowed to access. Allowing Access: If you want ntpd to access this files, you need to relabel them using restorecon -v './services'. You might want to relabel the entire directory using restorecon -R -v '.'. Additional Information: Source Context unconfined_u:system_r:ntpd_t:s0 Target Context unconfined_u:object_r:rpm_script_tmp_t:s0 Target Objects ./services [ file ] Source ntpd Source Path /usr/sbin/ntpd Port <Unknown> Host mypc Source RPM Packages ntp-4.2.4p4-7.fc9 Target RPM Packages Policy RPM selinux-policy-3.3.1-84.fc9 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name home_tmp_bad_labels Host Name mypc Platform Linux mypc 2.6.25.14-108.fc9.i686 #1 SMP Mon Aug 4 14:08:11 EDT 2008 i686 i686 Alert Count 9 First Seen Sun 07 Sep 2008 10:56:25 AM WEST Last Seen Sun 07 Sep 2008 10:56:27 AM WEST Local ID c66e6354-b26d-442a-bae7-c12aaa44acea Line Numbers Raw Audit Messages host=mypc type=AVC msg=audit(1220781387.527:58): avc: denied { read } for pid=4798 comm="ntpd" name="services" dev=dm-0 ino=11649032 scontext=unconfined_u:system_r:ntpd_t:s0 tcontext=unconfined_u:object_r:rpm_script_tmp_t:s0 tclass=file host=mypc type=SYSCALL msg=audit(1220781387.527:58): arch=40000003 syscall=5 success=no exit=-13 a0=457f06 a1=80000 a2=1b6 a3=80000 items=0 ppid=4797 pid=4798 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=1 comm="ntpd" exe="/usr/sbin/ntpd" subj=unconfined_u:system_r:ntpd_t:s0 key=(null) -------------------- Paul
The problem was solved with a relabeling. So, it is not a bug, and I am going to close it. Paul