Bug 672885 - avc at boot for mount vs /etc/mtab
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: util-linux
Version: rawhide
Hardware: Unspecified
OS: Unspecified
Assignee: Karel Zak
QA Contact: Fedora Extras Quality Assurance
Reported: 2011-01-26 16:42 UTC by John Reiser
Modified: 2011-02-23 10:09 UTC (History)

Doc Type: Bug Fix
Last Closed: 2011-02-23 10:09:51 UTC

Description John Reiser 2011-01-26 16:42:20 UTC
Description of problem: SELinux complains about mount and /etc/mtab at boot.


Version-Release number of selected component (if applicable):
util-linux-2.19-0.4.fc15.x86_64
selinux-policy-targeted-3.9.13-5.fc15.noarch


How reproducible: every time


Steps to Reproduce:
1. Fresh install from DVD of rawhide, composed by pungi.
2. boot
  
Actual results:
[    9.029874] type=1400 audit(1296059221.510:5): avc:  denied  { getattr } for  pid=490 comm="mount" path="/etc/mtab" dev=sdd7 ino=787986 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:etc_runtime_t:s0 tclass=lnk_file
[    9.042156] type=1400 audit(1296059221.523:6): avc:  denied  { getattr } for  pid=492 comm="mount" path="/etc/mtab" dev=sdd7 ino=787986 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:etc_runtime_t:s0 tclass=lnk_file
[    9.048395] type=1400 audit(1296059221.529:7): avc:  denied  { getattr } for  pid=491 comm="mount" path="/etc/mtab" dev=sdd7 ino=787986 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:etc_runtime_t:s0 tclass=lnk_file
[    9.049800] type=1400 audit(1296059221.531:8): avc:  denied  { read } for  pid=491 comm="mount" name="mtab" dev=sdd7 ino=787986 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:etc_runtime_t:s0 tclass=lnk_file
[    9.058245] type=1400 audit(1296059221.539:9): avc:  denied  { read } for  pid=490 comm="mount" name="mtab" dev=sdd7 ino=787986 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:etc_runtime_t:s0 tclass=lnk_file
[    9.059778] type=1400 audit(1296059221.541:10): avc:  denied  { read } for  pid=492 comm="mount" name="mtab" dev=sdd7 ino=787986 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:etc_runtime_t:s0 tclass=lnk_file
[    9.449967] type=1400 audit(1296059221.930:11): avc:  denied  { getattr } for  pid=498 comm="mount" path="/etc/mtab" dev=sdd7 ino=787986 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:etc_runtime_t:s0 tclass=lnk_file
[   14.647223] type=1400 audit(1296059227.127:19): avc:  denied  { getattr } for  pid=920 comm="mount" path="/etc/mtab" dev=sdd7 ino=787986 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:etc_runtime_t:s0 tclass=lnk_file
[   14.649163] type=1400 audit(1296059227.130:20): avc:  denied  { read } for  pid=920 comm="mount" name="mtab" dev=sdd7 ino=787986 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:etc_runtime_t:s0 tclass=lnk_file
[   14.674554] type=1400 audit(1296059227.155:21): avc:  denied  { getattr } for  pid=922 comm="mount" path="/etc/mtab" dev=sdd7 ino=787986 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:etc_runtime_t:s0 tclass=lnk_file
[   14.677979] type=1400 audit(1296059227.158:22): avc:  denied  { read } for  pid=922 comm="mount" name="mtab" dev=sdd7 ino=787986 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:etc_runtime_t:s0 tclass=lnk_file
[   15.983361] type=1400 audit(1296059228.464:23): avc:  denied  { create } for  pid=941 comm="system-setup-ke" name="00-system-setup-keyboard.conf" scontext=system_u:system_r:keyboardd_t:s0 tcontext=system_u:object_r:etc_runtime_t:s0 tclass=file
[   16.015505] type=1400 audit(1296059228.496:24): avc:  denied  { getattr } for  pid=948 comm="mount" path="/etc/mtab" dev=sdd7 ino=787986 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:etc_runtime_t:s0 tclass=lnk_file
[   16.017079] type=1400 audit(1296059228.498:25): avc:  denied  { read } for  pid=948 comm="mount" name="mtab" dev=sdd7 ino=787986 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:etc_runtime_t:s0 tclass=lnk_file
[   16.024979] type=1400 audit(1296059228.505:26): avc:  denied  { getattr } for  pid=949 comm="mount" path="/etc/mtab" dev=sdd7 ino=787986 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:etc_runtime_t:s0 tclass=lnk_file
[   16.026720] type=1400 audit(1296059228.508:27): avc:  denied  { read } for  pid=949 comm="mount" name="mtab" dev=sdd7 ino=787986 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:etc_runtime_t:s0 tclass=lnk_file
[   16.032160] type=1400 audit(1296059228.513:28): avc:  denied  { getattr } for  pid=950 comm="mount" path="/etc/mtab" dev=sdd7 ino=787986 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:etc_runtime_t:s0 tclass=lnk_file


Expected results: no complaints


Additional info:

Comment 1 Karel Zak 2011-02-23 10:09:51 UTC
It should already be resolved by the selinux-policy update.
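
The denials in the report repeat a small number of distinct access vectors. The following added example (not part of the original report or of any Fedora tooling) parses AVC records of this form and groups them by source type, target type and object class; the three sample lines are copied from the report, and the function names are illustrative.

```python
import re
from collections import defaultdict

# Three AVC records copied verbatim from the report above.
SAMPLE = """\
[    9.029874] type=1400 audit(1296059221.510:5): avc:  denied  { getattr } for  pid=490 comm="mount" path="/etc/mtab" dev=sdd7 ino=787986 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:etc_runtime_t:s0 tclass=lnk_file
[    9.049800] type=1400 audit(1296059221.531:8): avc:  denied  { read } for  pid=491 comm="mount" name="mtab" dev=sdd7 ino=787986 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:etc_runtime_t:s0 tclass=lnk_file
[   15.983361] type=1400 audit(1296059228.464:23): avc:  denied  { create } for  pid=941 comm="system-setup-ke" name="00-system-setup-keyboard.conf" scontext=system_u:system_r:keyboardd_t:s0 tcontext=system_u:object_r:etc_runtime_t:s0 tclass=file
"""

# Permissions sit between the braces; key=value fields follow "for".
AVC_RE = re.compile(r'avc:\s+denied\s+\{\s*(?P<perms>[^}]*?)\s*\}\s+for\s+(?P<fields>.*)')
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_avc(line):
    """Return a dict of fields for an AVC denial line, or None for other lines."""
    m = AVC_RE.search(line)
    if not m:
        return None
    rec = {k: v.strip('"') for k, v in FIELD_RE.findall(m.group("fields"))}
    rec["perms"] = m.group("perms").split()
    return rec

def se_type(context):
    """Extract the type from a user:role:type:level security context."""
    parts = context.split(":")
    return parts[2] if len(parts) >= 3 else context

def summarize(text):
    """Group denials by (source type, target type, class)."""
    vectors = defaultdict(lambda: {"perms": set(), "comms": set(), "count": 0})
    for line in text.splitlines():
        rec = parse_avc(line)
        if rec is None or not {"scontext", "tcontext", "tclass"} <= rec.keys():
            continue  # not an AVC denial, or a truncated record
        key = (se_type(rec["scontext"]), se_type(rec["tcontext"]), rec["tclass"])
        vectors[key]["perms"].update(rec["perms"])
        vectors[key]["comms"].add(rec.get("comm", "?"))
        vectors[key]["count"] += 1
    return dict(vectors)

if __name__ == "__main__":
    for (src, tgt, cls), v in sorted(summarize(SAMPLE).items()):
        perms = " ".join(sorted(v["perms"]))
        print(f"{src} -> {tgt}:{cls} {{ {perms} }} x{v['count']} {sorted(v['comms'])}")
```

Run over the full log in the report, every mount denial falls into one vector (mount_t needing getattr and read on a lnk_file labelled etc_runtime_t), which indicates a single policy gap rather than many unrelated ones.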

