Description of problem: See $(URL) for the complete log from testcase /tools/gcc/performance/botan Snip: time->Wed Jun 10 11:11:42 2009 type=SYSCALL msg=audit(1244646702.869:8): arch=40000003 syscall=5 success=no exit=-13 a0=bfbb52b0 a1=0 a2=0 a3=2 items=0 ppid=10057 pid=10063 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ifconfig" exe="/sbin/ifconfig" subj=system_u:system_r:ifconfig_t:s0 key=(null) type=AVC msg=audit(1244646702.869:8): avc: denied { dac_read_search } for pid=10063 comm="ifconfig" capability=2 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:system_r:ifconfig_t:s0 tclass=capability type=AVC msg=audit(1244646702.869:8): avc: denied { dac_override } for pid=10063 comm="ifconfig" capability=1 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:system_r:ifconfig_t:s0 tclass=capability Version-Release number of selected component (if applicable): gcc-4.1.2-46.el5.i386 selinux-policy-2.4.6-242.el5.noarch tree: RHEL5.4-Server-20090608.0 job: https://rhts.redhat.com/cgi-bin/rhts/jobs.cgi?id=64353 How reproducible: once...
This looks like you have some ownership problem in your test. Are all the files running owned by root? Is ifconfig running from a directory not owned by root. dac_overrdie and dac_read_search, means ifconfig is trying to do something that needs it to override the owner or permissions of a file because they root does not have the ability to use the file.
I can see there's reference in the code to `ifconfig` sources/Botan-1.6.5/modules/es_unix/unix_src.cpp: srcs.push_back(Unix_Program("ifconfig -a", 2)); and yes, there are some weird ownership set to bogus value: "1000:1000". I'll do some changes in the test itself and see whether the AVC disappears or not.
Made changes to botan test, so AVC is calmed down.