Description of problem: Presumably this happened when I was using hostnamectl to set the hostname on a new FC18 install. I set the pretty and static names with separate calls to hostnamectl. SELinux is preventing /usr/lib/systemd/systemd-hostnamed from 'unlink' accesses on the file hostname. ***** Plugin catchall_labels (83.8 confidence) suggests ******************** If you want to allow systemd-hostnamed to have unlink access on the hostname file Then you need to change the label on hostname Do # semanage fcontext -a -t FILE_TYPE 'hostname' where FILE_TYPE is one of the following: . Then execute: restorecon -v 'hostname' ***** Plugin catchall (17.1 confidence) suggests *************************** If you believe that systemd-hostnamed should be allowed unlink access on the hostname file by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # grep systemd-hostnam /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context system_u:system_r:systemd_hostnamed_t:s0 Target Context system_u:object_r:etc_t:s0 Target Objects hostname [ file ] Source systemd-hostnam Source Path /usr/lib/systemd/systemd-hostnamed Port <Unknown> Host (removed) Source RPM Packages systemd-197-1.fc18.2.x86_64 Target RPM Packages Policy RPM selinux-policy-3.11.1-81.fc18.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 3.7.9-205.fc18.x86_64 #1 SMP Sun Feb 24 20:10:02 UTC 2013 x86_64 x86_64 Alert Count 1 First Seen 2013-03-01 14:28:59 EST Last Seen 2013-03-01 14:28:59 EST Local ID d9bb99f5-18f0-44e8-8d13-ecabd3e3ef1a Raw Audit Messages type=AVC msg=audit(1362166139.61:354): avc: denied { unlink } for pid=2473 comm="systemd-hostnam" name="hostname" dev="sda5" ino=655288 scontext=system_u:system_r:systemd_hostnamed_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file type=SYSCALL msg=audit(1362166139.61:354): arch=x86_64 syscall=rename success=yes exit=0 a0=7fa838e27180 a1=7fa8379cad68 a2=7fa838e27b70 a3=22 items=0 ppid=1 pid=2473 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 ses=4294967295 tty=(none) comm=systemd-hostnam exe=/usr/lib/systemd/systemd-hostnamed subj=system_u:system_r:systemd_hostnamed_t:s0 key=(null) Hash: systemd-hostnam,systemd_hostnamed_t,etc_t,file,unlink audit2allow #============= systemd_hostnamed_t ============== allow systemd_hostnamed_t etc_t:file unlink; audit2allow -R #============= systemd_hostnamed_t ============== allow systemd_hostnamed_t etc_t:file unlink; Additional info: hashmarkername: setroubleshoot kernel: 3.7.9-205.fc18.x86_64 type: libreport
Please update to the latest policy.