Mounting FC1 cd1 as normal user fails when in enforcing mode, but is allowed (with audit) when in permissive mode. Note: I relinked files in a modified way, it is straightforward, but I apologize if it confuses (/mnt/cdrom1 is not used, but links to /mnt/cdrw). /mnt/cdrw: directory /dev/hdd: block special (22/64) 426829 8 drwxr-xr-x 2 system_u:object_r:mnt_t 0 0 4 Mar 29 17:33 cdrw/ 66236 4 brw------- 1 system_u:object_r:fixed_disk_device_t 502 6 22, 64 Feb 23 13:02 hdd $-> getenforce enforcing $-> mount /mnt/cdrw mount: only root can mount /dev/hdd on /mnt/cdrw (root runs setenforce 0) (normal user) $-> mount /mnt/cdrw (success mounting) -- audit generated Apr 18 18:17:07 CirithUngol kernel: audit(1082326627.383:0): avc: denied { getattr } for pid=20162 exe=/bin/mount path=/dev/hdd dev=hdb8 ino=66236 scontext=user_u:user_r:user_mount_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file /etc/fstab entry: /dev/hdd /mnt/cdrw iso9660 noauto,owner,ro 0 0 policy version: policy-1.11.2-9 (a full relabel was not performed since this policy was updated) -- Andrew Farris, CPE senior (California Polytechnic State University, SLO) fedora@xxxxxxxxxxxxxxxx :: lmorgul on irc.freenode.net "The only thing necessary for the triumph of evil is for good men to do nothing." (Edmond Burke)