On Tue, 2013-02-19 at 07:55 +0100, Maurizio Pagani Gmail wrote:
type=AVC msg=audit(1361254531.179:7044668): avc: denied { sigchld } for pid=3968 comm="bash" scontext=ssh_role_u:diskadm_role_r:lvm_t:s0 tcontext=ssh_role_u:diskadm_role_r:diskadm_role_t:s0 tclass=process
sigchld permission is "child terminated" signal. child processes need to be able to send those to the parent process (in this case "lvdisplay(lvm_t)" executed by the user, using the "BASH shell(diskadm_role_t)"
This is a common event when doing a domain transition and therefore it is also part of the domtrans_pattern() pattern. This is a pattern in refpolicy that has all common permissions required to domain transition