Summary: SELinux is preventing /sbin/setfiles access to a leaked /tmp/tmpiObIbA file descriptor. Detailed Description: [restorecon has a permissive type (setfiles_t). This access was not denied.] SELinux denied access requested by the restorecon command. It looks like this is either a leaked descriptor or restorecon output was redirected to a file it is not allowed to access. Leaks usually can be ignored since SELinux is just closing the leak and reporting the error. The application does not use the descriptor, so it will run properly. If this is a redirection, you will not get output in the /tmp/tmpiObIbA. You should generate a bugzilla on selinux-policy, and it will get routed to the appropriate package. You can safely ignore this avc. Allowing Access: You can generate a local policy module to allow this access - see FAQ (http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385) Additional Information: Source Context system_u:system_r:setfiles_t:s0-s0:c0.c1023 Target Context system_u:object_r:initrc_tmp_t:s0 Target Objects /tmp/tmpiObIbA [ file ] Source restorecon Source Path /sbin/setfiles Port <Unknown> Host spearhead Source RPM Packages policycoreutils-2.0.83-33.1.fc13 Target RPM Packages Policy RPM selinux-policy-3.7.19-73.fc13 Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Plugin Name leaks Host Name spearhead Platform Linux spearhead 2.6.34.7-61.fc13.i686.PAE #1 SMP Tue Oct 19 04:24:06 UTC 2010 i686 i686 Alert Count 9 First Seen Tue 23 Nov 2010 11:06:30 AM EST Last Seen Tue 07 Dec 2010 09:14:28 AM EST Local ID 63178dc8-481e-4e8c-a957-cc82ab5c25e4 Line Numbers Raw Audit Messages node=spearhead type=AVC msg=audit(1291731268.721:28596): avc: denied { read append } for pid=10545 comm="restorecon" path="/tmp/tmpiObIbA" dev=dm-0 ino=2228304 scontext=system_u:system_r:setfiles_t:s0-s0:c0.c1023 tcontext=system_u:object_r:initrc_tmp_t:s0 tclass=file node=spearhead type=SYSCALL msg=audit(1291731268.721:28596): arch=40000003 syscall=11 success=yes exit=0 a0=89d4e40 a1=89d1868 a2=89d15a8 a3=89d1868 items=0 ppid=10433 pid=10545 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="restorecon" exe="/sbin/setfiles" subj=system_u:system_r:setfiles_t:s0-s0:c0.c1023 key=(null)
*** This bug has been marked as a duplicate of bug 662092 ***