I have installed sec-policy/selinux-dnsmasq and get these messages in /var/log/avc.log: Mar 2 12:01:26 hq audit(1204455686.638:610): avc: denied { getattr } for pid=5410 comm="dnsmasq" path="/etc/resolv.conf" dev=hda5 ino=816345 scontext=system_u:system_r:dnsmasq_t tcontext=system_u:object_r:etc_runtime_t tclass=file SELinux status: enabled SELinuxfs mount: /selinux Current mode: permissive Mode from config file: permissive Policy version: 21 Policy from config file: strict
resolv.conf should be labeled net_conf_t, not etc_runtime_t.