I'm seeing alot of these alerts (166 in a couple of days) when running in enforcing mode on F11/rawhide latest. Summary: SELinux is preventing the dnsmasq from using potentially mislabeled files (resolv.conf). Detailed Description: SELinux has denied dnsmasq access to potentially mislabeled file(s) (resolv.conf). This means that SELinux will not allow dnsmasq to use these files. It is common for users to edit files in their home directory or tmp directories and then move (mv) them to system directories. The problem is that the files end up with the wrong file context which confined applications are not allowed to access. Allowing Access: If you want dnsmasq to access this files, you need to relabel them using restorecon -v 'resolv.conf'. You might want to relabel the entire directory using restorecon -R -v ''. Additional Information: Source Context system_u:system_r:dnsmasq_t:s0-s0:c0.c1023 Target Context unconfined_u:object_r:user_home_t:s0 Target Objects resolv.conf [ file ] Source dnsmasq Source Path /usr/sbin/dnsmasq Port <Unknown> Host neo Source RPM Packages dnsmasq-2.46-2.fc11 Target RPM Packages Policy RPM selinux-policy-3.6.12-9.fc11 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name home_tmp_bad_labels Host Name neo Platform Linux neo 2.6.29.1-102.fc11.x86_64 #1 SMP Mon Apr 20 15:33:38 EDT 2009 x86_64 x86_64 Alert Count 160 First Seen Sat 18 Apr 2009 11:56:19 AM BST Last Seen Mon 27 Apr 2009 02:47:04 PM BST Local ID 736f1fa9-9335-42db-b12b-621b64485329 Line Numbers Raw Audit Messages node=neo type=AVC msg=audit(1240840024.798:85): avc: denied { read } for pid=2037 comm="dnsmasq" name="resolv.conf" dev=dm-0 ino=9783 scontext=system_u:system_r:dnsmasq_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file node=neo type=SYSCALL msg=audit(1240840024.798:85): arch=c000003e syscall=2 success=no exit=-13 a0=42051e a1=0 a2=1b6 a3=238 items=0 ppid=1 pid=2037 auid=4294967295 uid=99 gid=40 euid=99 suid=99 fsuid=99 egid=40 sgid=40 fsgid=40 tty=(none) ses=4294967295 comm="dnsmasq" exe="/usr/sbin/dnsmasq" subj=system_u:system_r:dnsmasq_t:s0-s0:c0.c1023 key=(null)
You have a mislabeled resolv.conf file. Looks like someone mv'd it from a users home directory. restorecon /etv/resolv.conf Will fix.
Ah, cool. I think I had to edit it at some point because NetworkManager munged it.