Running virt-manager as non-root results in ... Summary: SELinux is preventing libvirtd (virtd_t) "getattr" unconfined_notrans_t. Detailed Description: SELinux denied access requested by libvirtd. It is not expected that this access is required by libvirtd and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Additional Information: Source Context unconfined_u:system_r:virtd_t:s0-s0:c0.c1023 Target Context unconfined_u:unconfined_r:unconfined_notrans_t:s0- s0:c0.c1023 Target Objects None [ process ] Source libvirtd Source Path /usr/sbin/libvirtd Port <Unknown> Host dell-t5400.test.redhat.com Source RPM Packages libvirt-0.6.2-4.fc11 Target RPM Packages Policy RPM selinux-policy-3.6.12-28.fc11 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall Host Name dell-t5400.test.redhat.com Platform Linux dell-t5400.test.redhat.com 2.6.29.2-130.fc11.x86_64 #1 SMP Wed May 6 14:06:54 EDT 2009 x86_64 x86_64 Alert Count 1 First Seen Thu May 7 10:17:12 2009 Last Seen Thu May 7 10:17:12 2009 Local ID 5907a439-083b-4ba8-b7f9-d85adeac8136 Line Numbers Raw Audit Messages node=dell-t5400.test.redhat.com type=AVC msg=audit(1241705832.967:40319): avc: denied { getattr } for pid=3732 comm="libvirtd" scontext=unconfined_u:system_r:virtd_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:unconfined_notrans_t:s0-s0:c0.c1023 tclass=process node=dell-t5400.test.redhat.com type=SYSCALL msg=audit(1241705832.967:40319): arch=c000003e syscall=0 success=yes exit=62 a0=e a1=7ffbac000950 a2=fff a3=0 items=0 ppid=1 pid=3732 auid=3633 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=3 comm="libvirtd" exe="/usr/sbin/libvirtd" subj=unconfined_u:system_r:virtd_t:s0-s0:c0.c1023 key=(null)
Fixed in selinux-policy-3.6.12-31.fc11.noarch