Written by: Martin Orr Let hald setsched Needed to write to /sys/devices/system/cpu/sched_mc_power_savings if you are using preemptable RCU Call chain is: sched_power_savings_store arch_reinit_sched_domains detach_destroy_domains synchronize_sched Aug 13 13:16:01 caligula kernel: type=1400 audit(1218629761.768:4): avc: denied { getsched } for pid=3304 comm="sched-powersave" scontext=system_u:system_r:hald_t:s0 tcontext=system_u:system_r:hald_t:s0 tclass=process Aug 13 13:16:01 caligula kernel: type=1400 audit(1218629761.768:5): avc: denied { setsched } for pid=3304 comm="sched-powersave" scontext=system_u:system_r:hald_t:s0 tcontext=system_u:system_r:hald_t:s0 tclass=process Aug 13 13:16:01 caligula kernel: type=1400 audit(1218629761.768:6): avc: denied { setsched } for pid=3304 comm="sched-powersave" scontext=system_u:system_r:hald_t:s0 tcontext=system_u:system_r:hald_t:s0 tclass=process Aug 13 13:16:01 caligula kernel: type=1400 audit(1218629761.768:7): avc: denied { setsched } for pid=3304 comm="sched-powersave" scontext=system_u:system_r:hald_t:s0 tcontext=system_u:system_r:hald_t:s0 tclass=process Index: policy/modules/services/hal.te =================================================================== --- policy/modules/services/hal.te.orig +++ policy/modules/services/hal.te @@ -62,7 +62,7 @@ # execute openvt which needs setuid allow hald_t self:capability { chown setuid setgid kill net_admin sys_admin sys_nice dac_override dac_read_search mknod sys_rawio sys_tty_config }; dontaudit hald_t self:capability {sys_ptrace sys_tty_config }; -allow hald_t self:process { getsched getattr signal_perms }; +allow hald_t self:process { getsched getattr setsched signal_perms }; allow hald_t self:fifo_file rw_fifo_file_perms; allow hald_t self:unix_stream_socket { create_stream_socket_perms connectto }; allow hald_t self:unix_dgram_socket create_socket_perms;