Description of problem: type=AVC msg=audit(1291036477.207:4741): avc: denied { write } for pid=8427 comm="snmpd" path="pipe:[1509421]" dev=pipefs ino=1509421 scontext=root:system_r:snmpd_t:s0 tcontext=root:system_r:rpm_script_t:s0-s0:c0.c1023 tclass=fifo_file Version-Release number of selected component (if applicable): selinux-policy-targeted-2.4.6-294.el5 How reproducible: 100% Steps to Reproduce: 1. Run /CoreOS/rpm/Regression/bz471591_brokenpipe Actual results: AVC Expected results: no AVC Additional info:
Miroslav just backport the leaks code from RHEL6 and add rpm_dontaudit_leaks(domain)
Strange, should be already there ... I am going to check it.
I have found a bug. Fixed in selinux-policy-2.4.6-296.el5.
Technical note added. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: Due to an error in an SELinux policy, pre-installation and post-installation scripts in RPM packages were unable to write to a pipe. This has been fixed, and SELinux no longer prevents these scripts from performing their work.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2011-0026.html