Summary: SELinux is preventing dhclient (dhcpc_t) "read write" unconfined_t. Detailed Description: [dhclient has a permissive type (dhcpc_t). This access was not denied.] SELinux denied access requested by dhclient. It is not expected that this access is required by dhclient and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Additional Information: Source Context unconfined_u:system_r:dhcpc_t:s0 Target Context unconfined_u:unconfined_r:unconfined_t:s0 Target Objects socket [ unix_stream_socket ] Source dhclient Source Path /sbin/dhclient Port <Unknown> Host (removed) Source RPM Packages dhclient-4.0.0-32.fc10 Target RPM Packages Policy RPM selinux-policy-3.5.13-30.fc10 Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Plugin Name catchall Host Name (removed) Platform Linux (removed) 2.6.27.7-134.fc10.i686 #1 SMP Mon Dec 1 22:42:50 EST 2008 i686 i686 Alert Count 2 First Seen Tue 17 Nov 2009 04:35:40 PM EST Last Seen Tue 17 Nov 2009 04:35:55 PM EST Local ID 7737766d-0ec1-4981-8b91-108999ae744a Line Numbers Raw Audit Messages node=(removed) type=AVC msg=audit(1258493755.785:19): avc: denied { read write } for pid=3252 comm="dhclient" path="socket:[18913]" dev=sockfs ino=18913 scontext=unconfined_u:system_r:dhcpc_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_t:s0 tclass=unix_stream_socket node=(removed) type=AVC msg=audit(1258493755.785:19): avc: denied { read write } for pid=3252 comm="dhclient" path="socket:[18918]" dev=sockfs ino=18918 scontext=unconfined_u:system_r:dhcpc_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_t:s0 tclass=unix_stream_socket node=(removed) type=AVC msg=audit(1258493755.785:19): avc: denied { read write } for pid=3252 comm="dhclient" path="socket:[18916]" dev=sockfs ino=18916 scontext=unconfined_u:system_r:dhcpc_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_t:s0 tclass=unix_stream_socket node=(removed) type=AVC msg=audit(1258493755.785:19): avc: denied { read write } for pid=3252 comm="dhclient" path="socket:[18913]" dev=sockfs ino=18913 scontext=unconfined_u:system_r:dhcpc_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_t:s0 tclass=unix_stream_socket node=(removed) type=AVC msg=audit(1258493755.785:19): avc: denied { read write } for pid=3252 comm="dhclient" path="socket:[18916]" dev=sockfs ino=18916 scontext=unconfined_u:system_r:dhcpc_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_t:s0 tclass=unix_stream_socket node=(removed) type=AVC msg=audit(1258493755.785:19): avc: denied { read write } for pid=3252 comm="dhclient" path="socket:[18918]" dev=sockfs ino=18918 scontext=unconfined_u:system_r:dhcpc_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_t:s0 tclass=unix_stream_socket node=(removed) type=SYSCALL msg=audit(1258493755.785:19): arch=40000003 syscall=11 success=yes exit=0 a0=9a00cc0 a1=99afed8 a2=bfad00bc a3=bfacedb0 items=0 ppid=3208 pid=3252 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=1 comm="dhclient" exe="/sbin/dhclient" subj=unconfined_u:system_r:dhcpc_t:s0 key=(null) Hash String generated from selinux-policy-3.5.13-30.fc10,catchall,dhclient,dhcpc_t,unconfined_t,unix_stream_socket,read,write audit2allow suggests: #============= dhcpc_t ============== allow dhcpc_t unconfined_t:unix_stream_socket { read write };
*** This bug has been marked as a duplicate of bug 538428 ***