On Fedora 20, tripleo-ci has recently started to log denials with openvswitch and sysctl.
type=AVC msg=audit(1418940256.937:191): avc: denied { search } for pid=3481 comm="handler5" name="net" dev="proc" ino=9722 scontext=system_u:system_r:openvswitch_t:s0 tcontext=system_u:object_r:sysctl_net_t:s0 tclass=dir permissive=1
type=AVC msg=audit(1418940256.937:191): avc: denied { read } for pid=3481 comm="handler5" name="netdev_max_backlog" dev="proc" ino=16646 scontext=system_u:system_r:openvswitch_t:s0 tcontext=system_u:object_r:sysctl_net_t:s0 tclass=file permissive=1
type=AVC msg=audit(1418940256.937:191): avc: denied { open } for pid=3481 comm="handler5" path="/proc/sys/net/core/netdev_max_backlog" dev="proc" ino=16646 scontext=system_u:system_r:openvswitch_t:s0 tcontext=system_u:object_r:sysctl_net_t:s0 tclass=file permissive=1
type=AVC msg=audit(1418940256.937:192): avc: denied { getattr } for pid=3481 comm="handler5" path="/proc/sys/net/core/netdev_max_backlog" dev="proc" ino=16646 scontext=system_u:system_r:openvswitch_t:s0 tcontext=system_u:object_r:sysctl_net_t:s0 tclass=file permissive=1
Fix proposed to branch: master /review. openstack. org/143572
Review: https:/