Recently the AVC messages have been changed to not include the name of the executable as this is stored in the audit system. However a consequence of this is that in the early stages of boot we can't find out which program caused a message. This probably isn't a problem for the typical Fedora user (who uses targeted policy and has most of the boot scripts running in unconfined_t), but will cause problems for people who use the strict policy in it's most strict configuration and for people who want to develop an entirely new policy. What's the recommended solution to this? Can we get the audit functionality enabled through printk early in the boot process (IE in the first few lines of rc.sysinit)? -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-selinux-list