Today's updated targeted fixes hal problem, thanks! (This appears to fix a problem where hal mounted /boot twice: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=177468) The following AVCs remain in /var/log/messages. Appears that readahead is trying to access /etc/rhgb/temp/display and /etc/rhgb/temp/rhgb-console. No apparent impact on system. tom Jan 11 06:48:23 localhost kernel: ip_tables: (C) 2000-2002 Netfilter core team Jan 11 06:48:23 localhost kernel: audit(1136990871.541:4): avc: denied { read } for pid=1573 comm="readahead" name="display" dev=ramfs ino=4241 scontext=system_u:system_r:readahead_t:s0 tcontext=system_u:object_r:ramfs_t:s0 tclass=file Jan 11 06:48:23 localhost kernel: audit(1136990871.541:5): avc: denied { read } for pid=1573 comm="readahead" name="rhgb-console" dev=ramfs ino=4288 scontext=system_u:system_r:readahead_t:s0 tcontext=system_u:object_r:ramfs_t:s0 tclass=fifo_file Jan 11 06:48:23 localhost kernel: Netfilter messages via NETLINK v0.30. Jan 11 06:48:23 localhost kernel: ip_conntrack version 2.4 (8192 buckets, 65536 max) - 232 bytes per conntrack Jan 11 06:48:23 localhost kernel: audit(1136990878.790:6): avc: denied { read } for pid=1573 comm="readahead" name="display" dev=ramfs ino=4241 scontext=system_u:system_r:readahead_t:s0 tcontext=system_u:object_r:ramfs_t:s0 tclass=file Jan 11 06:48:23 localhost kernel: audit(1136990878.794:7): avc: denied { read } for pid=1573 comm="readahead" name="rhgb-console" dev=ramfs ino=4288 scontext=system_u:system_r:readahead_t:s0 tcontext=system_u:object_r:ramfs_t:s0 tclass=fifo_file Jan 11 06:48:23 localhost kernel: e1000: eth0: e1000_watchdog_task: NIC Link is Up 100 Mbps Full Duplex Jan 11 06:48:23 localhost kernel: audit(1136990897.859:8): audit_backlog_limit=256 old=64 by auid=4294967295 -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
