The following was filed automatically by setroubleshoot: Summary: SELinux is preventing /bin/touch "write" access on /.readahead_collect. Detailed Description: [touch has a permissive type (system_cronjob_t). This access was not denied.] SELinux denied access requested by touch. It is not expected that this access is required by touch and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Please file a bug report. Additional Information: Source Context system_u:system_r:system_cronjob_t:s0-s0:c0.c1023 Target Context system_u:object_r:etc_runtime_t:s0 Target Objects /.readahead_collect [ file ] Source touch Source Path /bin/touch Port <Unknown> Host (removed) Source RPM Packages coreutils-7.5-6.fc12 Target RPM Packages Policy RPM selinux-policy-3.6.31-3.fc12 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall Host Name (removed) Platform Linux (removed) 2.6.31-2.fc12.x86_64 #1 SMP Thu Sep 10 00:25:40 EDT 2009 x86_64 x86_64 Alert Count 1 First Seen Sat 12 Sep 2009 06:52:02 PM CDT Last Seen Sat 12 Sep 2009 06:52:02 PM CDT Local ID 206930ef-1b8f-4b05-9f1c-739d4f413b4b Line Numbers Raw Audit Messages node=(removed) type=AVC msg=audit(1252799522.86:92): avc: denied { write } for pid=25987 comm="touch" name=".readahead_collect" dev=sda2 ino=47978 scontext=system_u:system_r:system_cronjob_t:s0-s0:c0.c1023 tcontext=system_u:object_r:etc_runtime_t:s0 tclass=file node=(removed) type=SYSCALL msg=audit(1252799522.86:92): arch=c000003e syscall=2 success=yes exit=4 a0=7ffffdbc0f3f a1=941 a2=1b6 a3=3c9857b14c items=0 ppid=25985 pid=25987 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4 comm="touch" exe="/bin/touch" subj=system_u:system_r:system_cronjob_t:s0-s0:c0.c1023 key=(null) audit2allow suggests: #============= system_cronjob_t ============== allow system_cronjob_t etc_runtime_t:file write;
Fixed in selinux-policy-3.6.31-4.fc12.noarch