(Sorry for the length, I included all error messages) With the version of Firestarter from FC4 Extras myself and other users are experiencing starter up error messages with SE Linux though firestarter appears to start. There messages during bootup that permission is denied to: touch - touch /var/lock/firestarter remove - rm /var/lock/firestarter and that there is a "fatal error, your kernel does not support iptables". At the end of this message is the errors from messages and I couldn't locate any corresponding entries in audit. There could be audit entries but I couldn't tell from my VERY LIMITED SE Linux and audit knowledge. The latest policies update does not appear to have made a difference. The quick fix of coarse is to set enforcing=0 or using SELINUX=disabled in /etc/selinux/config, but this sort of defeats the purpose. As a test I set enforcing=0 during a reboot and didn't get the boot errors though there was still many messages (appended) about permission denied in /var/log/messages. Messages during regular boot Jul 1 06:17:50 localhost kernel: audit(1120213067.173:2): avc: denied { execute } for pid=1832 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.173:3): avc: denied { getattr } for pid=1832 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.173:4): avc: denied { getattr } for pid=1832 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.174:5): avc: denied { execute } for pid=1833 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.174:6): avc: denied { getattr } for pid=1833 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.174:7): avc: denied { getattr } for pid=1833 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.174:8): avc: denied { execute } for pid=1834 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.174:9): avc: denied { getattr } for pid=1834 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.174:10): avc: denied { getattr } for pid=1834 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.175:11): avc: denied { execute } for pid=1835 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.175:12): avc: denied { getattr } for pid=1835 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.175:13): avc: denied { getattr } for pid=1835 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.176:14): avc: denied { execute } for pid=1836 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.176:15): avc: denied { getattr } for pid=1836 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.176:16): avc: denied { getattr } for pid=1836 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.176:17): avc: denied { execute } for pid=1837 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.176:18): avc: denied { getattr } for pid=1837 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.176:19): avc: denied { getattr } for pid=1837 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.177:20): avc: denied { execute } for pid=1838 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.177:21): avc: denied { getattr } for pid=1838 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.177:22): avc: denied { getattr } for pid=1838 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.177:23): avc: denied { execute } for pid=1839 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.177:24): avc: denied { getattr } for pid=1839 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.177:25): avc: denied { getattr } for pid=1839 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.178:26): avc: denied { execute } for pid=1840 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.178:27): avc: denied { getattr } for pid=1840 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.178:28): avc: denied { getattr } for pid=1840 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.179:29): avc: denied { execute } for pid=1841 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.179:30): avc: denied { getattr } for pid=1841 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.179:31): avc: denied { getattr } for pid=1841 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.179:32): avc: denied { execute } for pid=1842 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.179:33): avc: denied { getattr } for pid=1842 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.179:34): avc: denied { getattr } for pid=1842 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.180:35): avc: denied { execute } for pid=1843 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.180:36): avc: denied { getattr } for pid=1843 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.180:37): avc: denied { getattr } for pid=1843 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.180:38): avc: denied { execute } for pid=1844 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.180:39): avc: denied { getattr } for pid=1844 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.180:40): avc: denied { getattr } for pid=1844 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.181:41): avc: denied { execute } for pid=1845 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.181:42): avc: denied { getattr } for pid=1845 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.181:43): avc: denied { getattr } for pid=1845 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.181:44): avc: denied { execute } for pid=1846 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.182:45): avc: denied { getattr } for pid=1846 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.182:46): avc: denied { getattr } for pid=1846 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.192:47): avc: denied { create } for pid=1847 comm="iptables" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=rawip_socket Jul 1 06:17:50 localhost kernel: audit(1120213067.192:48): avc: denied { read } for pid=1847 comm="iptables" name=modprobe dev=proc ino=-268435402 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:sysctl_modprobe_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.193:49): avc: denied { create } for pid=1848 comm="iptables" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=rawip_socket Jul 1 06:17:50 localhost kernel: audit(1120213067.193:50): avc: denied { read } for pid=1848 comm="iptables" name=modprobe dev=proc ino=-268435402 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:sysctl_modprobe_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.194:51): avc: denied { create } for pid=1849 comm="iptables" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=rawip_socket Jul 1 06:17:50 localhost kernel: audit(1120213067.194:52): avc: denied { read } for pid=1849 comm="iptables" name=modprobe dev=proc ino=-268435402 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:sysctl_modprobe_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.195:53): avc: denied { create } for pid=1850 comm="iptables" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=rawip_socket Jul 1 06:17:50 localhost kernel: audit(1120213067.195:54): avc: denied { read } for pid=1850 comm="iptables" name=modprobe dev=proc ino=-268435402 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:sysctl_modprobe_t tclass=file Jul 1 06:17:50 localhost kernel: audit(1120213067.202:55): avc: denied { create } for pid=1852 comm="iptables" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=rawip_socket Jul 1 06:17:50 localhost kernel: audit(1120213067.202:56): avc: denied { read } for pid=1852 comm="iptables" name=modprobe dev=proc ino=-268435402 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:sysctl_modprobe_t tclass=file ******************************************************************* Messages with enforcing=0 Jul 1 07:05:38 localhost kernel: audit(1120215935.141:2): avc: denied { read } for pid=1792 comm="cp" name=config dev=hda3 ino=681198 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:selinux_config_t tclass=file Jul 1 07:05:38 localhost kernel: audit(1120215935.141:3): avc: denied { getattr } for pid=1792 comm="cp" name=config dev=hda3 ino=681198 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:selinux_config_t tclass=file Jul 1 07:05:38 localhost kernel: audit(1120215935.223:4): avc: denied { getattr } for pid=1800 comm="sh" name=subsys dev=hda3 ino=940095 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:var_lock_t tclass=dir Jul 1 07:05:38 localhost kernel: audit(1120215935.224:5): avc: denied { write } for pid=1829 comm="touch" name=subsys dev=hda3 ino=940095 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:var_lock_t tclass=dir Jul 1 07:05:38 localhost kernel: audit(1120215935.224:6): avc: denied { add_name } for pid=1829 comm="touch" name=firestarter scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:var_lock_t tclass=dir Jul 1 07:05:38 localhost kernel: audit(1120215935.224:7): avc: denied { create } for pid=1829 comm="touch" name=firestarter scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:var_lock_t tclass=file Jul 1 07:05:38 localhost kernel: audit(1120215935.224:8): avc: denied { write } for pid=1829 comm="touch" name=firestarter dev=hda3 ino=940966 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:var_lock_t tclass=file Jul 1 07:05:38 localhost kernel: audit(1120215935.233:9): avc: denied { execute } for pid=1832 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 07:05:38 localhost kernel: audit(1120215935.233:10): avc: denied { execute_no_trans } for pid=1832 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 07:05:38 localhost kernel: audit(1120215935.233:11): avc: denied { read } for pid=1832 comm="sh" name=modprobe dev=hda3 ino=129716 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:insmod_exec_t tclass=file Jul 1 07:05:38 localhost kernel: audit(1120215935.234:12): avc: denied { read } for pid=1832 comm="modprobe" name=modprobe.conf.dist dev=hda3 ino=680929 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:modules_conf_t tclass=file Jul 1 07:05:38 localhost kernel: audit(1120215935.234:13): avc: denied { getattr } for pid=1832 comm="modprobe" name=modprobe.conf.dist dev=hda3 ino=680929 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:modules_conf_t tclass=file Jul 1 07:05:38 localhost kernel: audit(1120215935.235:14): avc: denied { search } for pid=1832 comm="modprobe" name=modules dev=hda3 ino=453828 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:modules_object_t tclass=dir Jul 1 07:05:38 localhost kernel: audit(1120215935.235:15): avc: denied { read } for pid=1832 comm="modprobe" name=modules.dep dev=hda3 ino=454981 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:modules_object_t tclass=file Jul 1 07:05:38 localhost kernel: audit(1120215935.235:16): avc: denied { getattr } for pid=1832 comm="modprobe" name=modules.dep dev=hda3 ino=454981 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:modules_object_t tclass=file Jul 1 07:05:38 localhost kernel: audit(1120215935.258:17): avc: denied { write } for pid=1832 comm="modprobe" name=ip_tables.ko dev=hda3 ino=486540 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:modules_object_t tclass=file Jul 1 07:05:38 localhost kernel: audit(1120215935.258:18): avc: denied { lock } for pid=1832 comm="modprobe" name=ip_tables.ko dev=hda3 ino=486540 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:modules_object_t tclass=file Jul 1 07:05:38 localhost kernel: ip_tables: (C) 2000-2002 Netfilter core team Jul 1 07:05:38 localhost kernel: audit(1120215935.284:19): avc: denied { read } for pid=1836 comm="modprobe" name=modprobe.conf.dist dev=hda3 ino=680929 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:modules_conf_t tclass=file Jul 1 07:05:38 localhost kernel: audit(1120215935.284:20): avc: denied { getattr } for pid=1836 comm="modprobe" name=modprobe.conf.dist dev=hda3 ino=680929 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:modules_conf_t tclass=file Jul 1 07:05:38 localhost kernel: ip_conntrack version 2.1 (7935 buckets, 63480 max) - 272 bytes per conntrack Jul 1 07:05:38 localhost kernel: audit(1120215935.635:21): avc: denied { create } for pid=1889 comm="iptables" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=rawip_socket Jul 1 07:05:38 localhost kernel: audit(1120215935.635:22): avc: denied { getopt } for pid=1889 comm="iptables" lport=255 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=rawip_socket Jul 1 07:05:38 localhost kernel: audit(1120215935.645:23): avc: denied { setopt } for pid=1894 comm="iptables" lport=255 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=rawip_socket Jul 1 07:05:38 localhost kernel: audit(1120215935.747:24): avc: denied { search } for pid=1800 comm="sh" name=net dev=proc ino=-268435350 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:sysctl_net_t tclass=dir Jul 1 07:05:38 localhost kernel: audit(1120215935.747:25): avc: denied { getattr } for pid=1800 comm="sh" name=ip_forward dev=proc ino=-268435327 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:sysctl_net_t tclass=file Jul 1 07:05:38 localhost kernel: audit(1120215935.747:26): avc: denied { write } for pid=1800 comm="sh" name=ip_forward dev=proc ino=-268435327 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:sysctl_net_t tclass=file Jul 1 07:05:38 localhost kernel: audit(1120215935.749:27): avc: denied { read } for pid=1800 comm="sh" name=conf dev=proc ino=-268435027 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:sysctl_net_t tclass=dir Jul 1 07:05:38 localhost kernel: audit(1120215935.749:28): avc: denied { getattr } for pid=1800 comm="sh" name=conf dev=proc ino=-268435027 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:sysctl_net_t tclass=dir Jul 1 07:05:38 localhost kernel: audit(1120215936.012:29): avc: denied { write } for pid=2094 comm="mv" name=dhcpd.conf dev=hda3 ino=684556 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:etc_runtime_t tclass=file Jul 1 07:05:38 localhost kernel: audit(1120215936.012:30): avc: denied { unlink } for pid=2094 comm="mv" name=dhcpd.conf dev=hda3 ino=684556 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:etc_runtime_t tclass=file Jul 1 07:05:38 localhost kernel: audit(1120215936.045:31): avc: denied { getattr } for pid=2095 comm="dhcpd" name=dhcpd dev=hda3 ino=2473744 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:dhcpd_exec_t tclass=file Jul 1 07:05:38 localhost kernel: audit(1120215936.057:32): avc: denied { getattr } for pid=2095 comm="dhcpd" name=dhcpd.leases dev=hda3 ino=940974 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:dhcpd_state_t tclass=file Jul 1 07:05:38 localhost kernel: audit(1120215936.058:33): avc: denied { execute } for pid=2098 comm="dhcpd" name=dhcpd dev=hda3 ino=2473744 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:dhcpd_exec_t tclass=file Jul 1 07:05:38 localhost kernel: audit(1120215936.058:34): avc: denied { execute_no_trans } for pid=2098 comm="dhcpd" name=dhcpd dev=hda3 ino=2473744 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:dhcpd_exec_t tclass=file Jul 1 07:05:38 localhost kernel: audit(1120215936.058:35): avc: denied { read } for pid=2098 comm="dhcpd" name=dhcpd dev=hda3 ino=2473744 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:dhcpd_exec_t tclass=file Jul 1 07:05:38 localhost kernel: audit(1120215936.098:36): avc: denied { read } for pid=2099 comm="dhcpd" name=pidof dev=hda3 ino=129747 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:sbin_t tclass=lnk_file Jul 1 07:05:38 localhost kernel: audit(1120215936.099:37): avc: denied { search } for pid=2100 comm="pidof" name=1 dev=proc ino=65538 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:init_t tclass=dir Jul 1 07:05:38 localhost kernel: audit(1120215936.099:38): avc: denied { read } for pid=2100 comm="pidof" name=stat dev=proc ino=65550 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:init_t tclass=file Jul 1 07:05:38 localhost kernel: audit(1120215936.099:39): avc: denied { getattr } for pid=2100 comm="pidof" name=stat dev=proc ino=65550 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:init_t tclass=file Jul 1 07:05:38 localhost kernel: audit(1120215936.099:40): avc: denied { read } for pid=2100 comm="pidof" name=exe dev=proc ino=65545 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:init_t tclass=lnk_file Jul 1 07:05:38 localhost kernel: audit(1120215936.099:41): avc: denied { search } for pid=2100 comm="pidof" name=2 dev=proc ino=131074 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:kernel_t tclass=dir Jul 1 07:05:38 localhost kernel: audit(1120215936.099:42): avc: denied { read } for pid=2100 comm="pidof" name=stat dev=proc ino=131086 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:kernel_t tclass=file Jul 1 07:05:38 localhost kernel: audit(1120215936.100:43): avc: denied { getattr } for pid=2100 comm="pidof" name=stat dev=proc ino=131086 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:kernel_t tclass=file Jul 1 07:05:38 localhost kernel: audit(1120215936.100:44): avc: denied { read } for pid=2100 comm="pidof" name=exe dev=proc ino=131081 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:kernel_t tclass=lnk_file Jul 1 07:05:38 localhost kernel: audit(1120215936.100:45): avc: denied { search } for pid=2100 comm="pidof" name=901 dev=proc ino=59047938 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:udev_t tclass=dir Jul 1 07:05:38 localhost kernel: audit(1120215936.100:46): avc: denied { read } for pid=2100 comm="pidof" name=stat dev=proc ino=59047950 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:udev_t tclass=file Jul 1 07:05:38 localhost kernel: audit(1120215936.100:47): avc: denied { getattr } for pid=2100 comm="pidof" name=stat dev=proc ino=59047950 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:udev_t tclass=file Jul 1 07:05:38 localhost kernel: audit(1120215936.100:48): avc: denied { read } for pid=2100 comm="pidof" name=exe dev=proc ino=59047945 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:udev_t tclass=lnk_file Jul 1 07:05:38 localhost kernel: audit(1120215936.101:49): avc: denied { search } for pid=2100 comm="pidof" name=1013 dev=proc ino=66387970 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:initrc_t tclass=dir Jul 1 07:05:38 localhost kernel: audit(1120215936.101:50): avc: denied { read } for pid=2100 comm="pidof" name=stat dev=proc ino=66387982 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:initrc_t tclass=file Jul 1 07:05:38 localhost kernel: audit(1120215936.101:51): avc: denied { getattr } for pid=2100 comm="pidof" name=stat dev=proc ino=66387982 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:initrc_t tclass=file Jul 1 07:05:38 localhost kernel: audit(1120215936.101:52): avc: denied { read } for pid=2100 comm="pidof" name=exe dev=proc ino=66387977 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:initrc_t tclass=lnk_file Jul 1 07:05:38 localhost kernel: audit(1120215936.102:53): avc: denied { search } for pid=2100 comm="pidof" name=1833 dev=proc ino=120127490 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:hotplug_t tclass=dir Jul 1 07:05:38 localhost kernel: audit(1120215936.102:54): avc: denied { read } for pid=2100 comm="pidof" name=stat dev=proc ino=120127502 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:hotplug_t tclass=file Jul 1 07:05:38 localhost kernel: audit(1120215936.102:55): avc: denied { getattr } for pid=2100 comm="pidof" name=stat dev=proc ino=120127502 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:hotplug_t tclass=file Jul 1 07:05:38 localhost kernel: audit(1120215936.102:56): avc: denied { read } for pid=2100 comm="pidof" name=cwd dev=proc ino=120127495 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:hotplug_t tclass=lnk_file Jul 1 07:05:38 localhost kernel: audit(1120215936.114:57): avc: denied { search } for pid=2102 comm="rhgb-client" name=rhgb dev=hda3 ino=682523 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:mnt_t tclass=dir Jul 1 07:05:38 localhost kernel: audit(1120215936.114:58): avc: denied { search } for pid=2102 comm="rhgb-client" name=/ dev=ramfs ino=4327 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:ramfs_t tclass=dir Jul 1 07:05:38 localhost kernel: audit(1120215936.114:59): avc: denied { write } for pid=2102 comm="rhgb-client" name=rhgb-socket dev=ramfs ino=4335 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:ramfs_t tclass=sock_file Jul 1 07:05:38 localhost kernel: audit(1120215936.114:60): avc: denied { connectto } for pid=2102 comm="rhgb-client" name=rhgb-socket scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:initrc_t tclass=unix_stream_socket Jul 1 07:05:38 localhost kernel: audit(1120215936.177:61): avc: denied { search } for pid=2103 comm="dhcpd" name=gdm dev=hda3 ino=940237 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:xserver_log_t tclass=dir Jul 1 07:05:38 localhost kernel: audit(1120215936.205:62): avc: denied { read } for pid=2107 comm="dhcpd" name=dhcpd.leases dev=hda3 ino=940974 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:dhcpd_state_t tclass=file Jul 1 07:05:38 localhost kernel: audit(1120215936.212:63): avc: denied { append } for pid=2107 comm="dhcpd" name=dhcpd.leases dev=hda3 ino=940974 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:dhcpd_state_t tclass=file Jul 1 07:05:38 localhost kernel: audit(1120215936.224:64): avc: denied { unlink } for pid=2107 comm="dhcpd" name=dhcpd.leases~ dev=hda3 ino=940970 scontext=system_u:system_r:dhcpc_t tcontext=root:object_r:dhcpd_state_t tclass=file Jul 1 07:05:38 localhost kernel: audit(1120215936.224:65): avc: denied { link } for pid=2107 comm="dhcpd" name=dhcpd.leases dev=hda3 ino=940974 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:dhcpd_state_t tclass=file Jul 1 07:05:38 localhost kernel: audit(1120215936.224:66): avc: denied { unlink } for pid=2107 comm="dhcpd" name=dhcpd.leases dev=hda3 ino=940974 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:dhcpd_state_t tclass=file Jul 1 07:05:38 localhost kernel: audit(1120215936.229:67): avc: denied { name_bind } for pid=2107 comm="dhcpd" s -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-selinux-list