Summary: SELinux is preventing restorecon (restorecon_t) "read write" to socket (rpm_t). Detailed Description: SELinux denied access requested by restorecon. It is not expected that this access is required by restorecon and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Additional Information: Source Context root:system_r:restorecon_t:SystemLow-SystemHigh Target Context root:system_r:rpm_t:SystemLow-SystemHigh Target Objects socket [ tcp_socket ] Source restorecon Source Path /sbin/restorecon Port Host x Source RPM Packages policycoreutils-1.33.12-14.el5 Target RPM Packages Policy RPM selinux-policy-2.4.6-137.1.el5 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall Host Name x Platform Linux x 2.6.18-92.el5xen #1 SMP Tue Jun 10 19:20:18 EDT 2008 x86_64 x86_64 Alert Count 7 First Seen Sat 04 Oct 2008 07:38:52 PM EDT Last Seen Sat 04 Oct 2008 08:00:41 PM EDT Local ID 23b41dee-b644-45be-8ceb-dab3fd0d8c37 Line Numbers Raw Audit Messages host=x type=AVC msg=audit(1223164841.253:104): avc: denied { read write } for pid=12341 comm="restorecon" path="socket:[79114]" dev=sockfs ino=79114 scontext=root:system_r:restorecon_t:s0-s0:c0.c1023 tcontext=root:system_r:rpm_t:s0-s0:c0.c1023 tclass=tcp_socket host=x type=AVC msg=audit(1223164841.253:104): avc: denied { read write } for pid=12341 comm="restorecon" path="socket:[79127]" dev=sockfs ino=79127 scontext=root:system_r:restorecon_t:s0-s0:c0.c1023 tcontext=root:system_r:rpm_t:s0-s0:c0.c1023 tclass=tcp_socket host=x type=AVC msg=audit(1223164841.253:104): avc: denied { read write } for pid=12341 comm="restorecon" path="socket:[79134]" dev=sockfs ino=79134 scontext=root:system_r:restorecon_t:s0-s0:c0.c1023 tcontext=root:system_r:rpm_t:s0-s0:c0.c1023 tclass=tcp_socket host=x type=AVC msg=audit(1223164841.253:104): avc: denied { read write } for pid=12341 comm="restorecon" path="socket:[79142]" dev=sockfs ino=79142 scontext=root:system_r:restorecon_t:s0-s0:c0.c1023 tcontext=root:system_r:rpm_t:s0-s0:c0.c1023 tclass=tcp_socket host=x type=AVC msg=audit(1223164841.253:104): avc: denied { write } for pid=12341 comm="restorecon" path="/var/lib/yum/transaction-done.2008-10-04.19:38.55" dev=dm-0 ino=11929811 scontext=root:system_r:restorecon_t:s0-s0:c0.c1023 tcontext=root:object_r:var_lib_t:s0 tclass=file host=x type=AVC msg=audit(1223164841.253:104): avc: denied { read } for pid=12341 comm="restorecon" path="/var/cache/yum/updates/packages/bind-chroot-9.3.4-6.0.2.P1.el5_2.x86_64.rpm" dev=dm-0 ino=11961480 scontext=root:system_r:restorecon_t:s0-s0:c0.c1023 tcontext=root:object_r:var_t:s0 tclass=file host=x type=AVC msg=audit(1223164841.253:104): avc: denied { read write } for pid=12341 comm="restorecon" path="/var/lib/rpm/__db.000" dev=dm-0 ino=11929751 scontext=root:system_r:restorecon_t:s0-s0:c0.c1023 tcontext=root:object_r:rpm_var_lib_t:s0 tclass=file host=x type=SYSCALL msg=audit(1223164841.253:104): arch=c000003e syscall=59 success=yes exit=0 a0=132a26d0 a1=132a2600 a2=132a23b0 a3=65 items=0 ppid=12339 pid=12341 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=1 comm="restorecon" exe="/sbin/restorecon" subj=root:system_r:restorecon_t:s0-s0:c0.c1023 key=(null)