On 07/30/2009 04:49 AM, Frank Murphy wrote: > Waht does all this mean from logwatch, > What are in plain speak unmatched entries? > > > --------------------- Selinux Audit Begin ------------------------ > > Number of audit daemon starts: 5 > > Number of audit daemon stops: 6 > > **Unmatched Entries** > audit(1248863231.539:55834): auid=4294967295 ses=4294967295 > subj=system_u:system_r:readahead_t:s0 op=remove rule key=(null) list=2 > res=1 > audit(1248863231.539:55835): audit_enabled=0 old=1 auid=4294967295 > ses=4294967295 subj=system_u:system_r:readahead_t:s0 res=1 > audit(1248865986.300:28653): auid=4294967295 ses=4294967295 > subj=system_u:system_r:readahead_t:s0 op=remove rule key=(null) list=2 > res=1 > audit(1248865986.300:28654): audit_enabled=0 old=1 auid=4294967295 > ses=4294967295 subj=system_u:system_r:readahead_t:s0 res=1 > audit(1248867118.172:28695): auid=4294967295 ses=4294967295 > subj=system_u:system_r:readahead_t:s0 op=remove rule key=(null) list=2 > res=1 > audit(1248867118.172:28696): audit_enabled=0 old=1 auid=4294967295 > ses=4294967295 subj=system_u:system_r:readahead_t:s0 res=1 > config change requested by pid=9598 auid=500 > subj=unconfined_u:system_r:initrc_t:s0 > audit(1248871767.418:3339) config changed, auid=500 pid=9598 > subj=unconfined_u:system_r:initrc_t:s0 res=success > > ---------------------- Selinux Audit End ------------------------- > These are audit messages, not SELinux AVC messages or any kind of SELinux message. -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
