I keep getting the following messages in setroubleshoot: host=tenon.honolulu.burdell.org type=AVC msg=audit(1225010210.47:33): avc: denied { associate } for pid=6735 comm="rsync" name=".15d881caa43959453d65aad26e51f6fd3203981c-filelists.sqlite.bz2.w4t4QQ" scontext=root:object_r:unlabeled_t:s0 tcontext=system_u:object_r:fs_t:s0 tclass=filesystem host=tenon.honolulu.burdell.org type=SYSCALL msg=audit(1225010210.47:33): arch=c000003e syscall=2 success=yes exit=4 a0=7fff599d3ea0 a1=c2 a2=180 a3=3138393330323364 items=0 ppid=6733 pid=6735 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts2 ses=2 comm="rsync" exe="/usr/bin/rsync" subj=root:system_r:unconfined_t:s0-s0:c0.c1023 key=(null) This is more or less a default 5.2 install. The command I'm running that causes these messages: rsync -vaH --progress \ --exclude-from=/home/released/EXCLUDES \ --numeric-ids --delete --delete-after \ --delay-updates \ rsync://mirrors.kernel.org/fedora-enchilada/linux/development/i386/ \ /home/released/rawhide/i386/
David, the problem here is the file system does not have any labels on it. Running restorecon on the device after you create it will add the correct labels and this AVC will dissapear
Thanks, I think between the time I opened this bug and now I learned a bit more about SELinux. BTW, 533 days between the opening comment and comment 1. Or about 1.5 years. And that takes it from NEW to CLOSED NOTABUG. Nice. :)
Just brought to my attention today. Showed up in my bugzilla email. I never even looked at the date.