Description of problem:
SELinux denials on log file

Version-Release number of selected component (if applicable):
perl-Razor-Agent-2.84-1.el5

How reproducible:
build, install, run

Steps to Reproduce:
type=1107 audit(1273870143.957:3): user pid=1935 uid=81 auid=4294967295 subj=system_u:system_r:system_dbusd_t:s0 msg='avc: received policyload notice (seqno=2) : exe="?" (sauid=81, hostname=?, addr=?, terminal=?)'
type=1403 audit(1273870143.961:4): policy loaded auid=4294967295 ses=4294967295
type=1400 audit(1274203962.780:5): avc: denied { ioctl } for pid=9820 comm="spamd" path="/razor-agent.log" dev=sda2 ino=14 scontext=user_u:system_r:spamd_t:s0 tcontext=user_u:object_r:root_t:s0 tclass=file
type=1400 audit(1274203962.781:6): avc: denied { append } for pid=9820 comm="spamd" path="/razor-agent.log" dev=sda2 ino=14 scontext=user_u:system_r:spamd_t:s0 tcontext=user_u:object_r:root_t:s0 tclass=file
Re-assigning to selinux-policy-targeted. Daniel, can you take care, please?
Why is razor writing its log file in /? If you move the log file to /var/log/ and run restorecon on it, this AVC will go away.

If you must have the log file in /, then you need to set up the correct labeling.

# semanage fcontext -a -t razor_log_t /razor-agent.log
# restorecon -v /razor-agent.log