It does seem like my system still works without this allowed, but I suspect that it may cause problems in some configurations: [ 15.090525] audit: type=1400 audit(1508258158.090:3): avc: denied { map } for pid=1572 comm="lvm" path="/etc/lvm/lvm.conf" dev="dm-0" ino=19146948 scontext=system_u:system_r:lvm_t tcontext=system_u:object_r:lvm_etc_t tclass=file permissive=0 [ 15.097910] audit: type=1400 audit(1508258158.097:4): avc: denied { map } for pid=1575 comm="lvm" path="/etc/lvm/lvm.conf" dev="dm-0" ino=19146948 scontext=system_u:system_r:lvm_t tcontext=system_u:object_r:lvm_etc_t tclass=file permissive=0
Suggested fix: https://github.com/amade/hardened-refpolicy/commit/68c18da899a128d69a69c7f1b00511ed93b27901
Created attachment 499058 [details, diff] lvm allow map perms on lvm_etc_t and attach patch for history