Description of problem: SELinux is preventing consoletype (consoletype_t) "read" to /var/lib/dhclient/dhclient-wlan0.leases (dhcpc_state_t). Version-Release number of selected component (if applicable): How reproducible: always Steps to Reproduce: 1.activate wireless with network configuration 2. 3. Actual results: Expected results: Additional info: Source Context: unconfined_u:system_r:consoletype_t:s0-s0:c0.c1023 Target Context: unconfined_u:object_r:dhcpc_state_t:s0 Target Objects: /var/lib/dhclient/dhclient-wlan0.leases [ file] Source: consoletype Source Path: /sbin/consoletype Port: <Unknown> Host: leased-2-223.fi.infn.it Source RPM Packages: initscripts-8.76.3-1 Target RPM Packages: Policy RPM: selinux-policy-3.3.1-95.fc9 Selinux Enabled: True Policy Type: targeted MLS Enabled: True Enforcing Mode: Enforcing Plugin Name: catchall_file Host Name: leased-2-223.fi.infn.it Platform: Linux leased-2-223.fi.infn.it 2.6.26.5-45.fc9.i686 #1 SMP Sat Sep 20 03:45:00 EDT 2008 i686 i686 Alert Count: 11 First Seen: Tue 12 Aug 2008 07:36:00 PM CEST Last Seen: Tue 14 Oct 2008 07:01:29 PM CEST Local ID: 8c9e6cb0-dff9-451b-8f2b-9cd023172a4f Line Numbers: Raw Audit Messages :host=leased-2-223.fi.infn.it type=AVC msg=audit(1224003689.330:60): avc: denied { read } for pid=4069 comm="consoletype" path="/var/lib/dhclient/dhclient-wlan0.leases" dev=sda9 ino=38190 scontext=unconfined_u:system_r:consoletype_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:dhcpc_state_t:s0 tclass=file host=leased-2-223.fi.infn.it type=SYSCALL msg=audit(1224003689.330:60): arch=40000003 syscall=11 success=yes exit=0 a0=9c8e590 a1=9c8e028 a2=9c8e248 a3=0 items=0 ppid=4068 pid=4069 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=3 comm="consoletype" exe="/sbin/consoletype" subj=unconfined_u:system_r:consoletype_t:s0-s0:c0.c1023 key=(null)
dhclient is leaking an open file descrioptor and SELinux is catching it and closing it. This will not cause you any problems and can be ignored. dhclient should be fixed to close all open file descriptors before execing programs. fcntl(fd, F_SETFD, FD_CLOEXEC)
*** This bug has been marked as a duplicate of bug 446632 ***