Summary: SELinux is preventing the avahi-dnsconfd (avahi_t) from executing /etc/avahi/avahi-dnsconfd.action. Detailed Description: SELinux has denied the avahi-dnsconfd from executing /etc/avahi/avahi-dnsconfd.action. If avahi-dnsconfd is supposed to be able to execute /etc/avahi/avahi-dnsconfd.action, this could be a labeling problem. Most confined domains are allowed to execute files labeled bin_t. So you could change the labeling on this file to bin_t and retry the application. If this avahi-dnsconfd is not supposed to execute /etc/avahi/avahi-dnsconfd.action, this could signal a intrusion attempt. Allowing Access: If you want to allow avahi-dnsconfd to execute /etc/avahi/avahi-dnsconfd.action: chcon -t bin_t '/etc/avahi/avahi-dnsconfd.action' If this fix works, please update the file context on disk, with the following command: semanage fcontext -a -t bin_t '/etc/avahi/avahi-dnsconfd.action' Please specify the full path to the executable, Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this selinux-policy to make sure this becomes the default labeling. Additional Information: Source Context unconfined_u:system_r:avahi_t:s0 Target Context system_u:object_r:etc_t:s0 Target Objects /etc/avahi/avahi-dnsconfd.action [ file ] Source avahi-dnsconfd Source Path /usr/sbin/avahi-dnsconfd Port <Unknown> Host (removed) Source RPM Packages avahi-dnsconfd-0.6.25-3.fc11 Target RPM Packages avahi-dnsconfd-0.6.25-3.fc11 Policy RPM selinux-policy-3.6.12-50.fc11 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name execute Host Name (removed) Platform Linux (removed) 2.6.29.4-167.fc11.i586 #1 SMP Wed May 27 17:14:37 EDT 2009 i686 athlon Alert Count 4 First Seen Thu 16 Jul 2009 11:39:19 PM EEST Last Seen Thu 16 Jul 2009 11:41:12 PM EEST Local ID 920119e5-6435-4795-a00f-008ba8a3c58f Line Numbers Raw Audit Messages node=(removed) type=AVC msg=audit(1247776872.909:748): avc: denied { execute } for pid=18464 comm="avahi-dnsconfd" name="avahi-dnsconfd.action" dev=dm-1 ino=6490046 scontext=unconfined_u:system_r:avahi_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file node=(removed) type=SYSCALL msg=audit(1247776872.909:748): arch=40000003 syscall=11 success=no exit=-13 a0=804a6b0 a1=bfecebc0 a2=981f088 a3=804a4a7 items=0 ppid=18322 pid=18464 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=2 comm="avahi-dnsconfd" exe="/usr/sbin/avahi-dnsconfd" subj=unconfined_u:system_r:avahi_t:s0 key=(null) Hash String generated from selinux-policy-3.6.12-50.fc11,execute,avahi-dnsconfd,avahi_t,etc_t,file,execute audit2allow suggests: #============= avahi_t ============== allow avahi_t etc_t:file execute;
*** This bug has been marked as a duplicate of bug 538428 ***