Running latest rawhide, targeted enforcing. Booting up, udev (90-alsa.rulles) runs /sbin/salsa to read /var/lib/alsa/asound.state. Get these in /var/log/messages: Sep 25 06:48:13 localhost kernel: audit(1190728078.763:6): avc: denied { read } for pid=1789 comm="salsa" name="asound.state" dev=dm-0 ino=688429 scontext=system_u:system_r:udev_t:s0-s0:c0.c1023 tcontext=system_u:object_r:alsa_var_lib_t:s0 tclass=file Sep 25 06:55:25 localhost kernel: audit(1190728512.708:5): avc: denied { getattr } for pid=1793 comm="salsa" path="/var/lib/alsa/asound.state" dev=dm-0 ino=688429 scontext=system_u:system_r:udev_t:s0-s0:c0.c1023 tcontext=system_u:object_r:alsa_var_lib_t:s0 tclass=file tom [Sorry if I incompletely reported this before, since policy now allows directory to be read. There was a change in alsa-utils that mistakenly moved 'salsa' to /bin/salsa, so I stopped gettting AVCs. alsa-utils fixed now.] -- Tom London