On 02/18/2010 04:43 PM, Scott Salley wrote: > for pid=3158 comm="lsassd" name="CORPQA" dev=dm-0 ino=195681 > scontext=unconfined_u:system_r:lsassd_t:s0 > tcontext=system_u:object_r:home_root_t:s0 tclass=dir > type=SYSCALL msg=audit(1266523695.550:22225): arch=c000003e syscall=188 > success=yes exit=0 a0=7fab640399f0 a1=3ea9415649 a2=7fab64027990 a3=21 > items=0 ppid=2790 pid=3158 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 > egid=0 sgid=0 fsgid=0 tty=(none) ses=1 comm="lsassd" > exe="/usr/sbin/lsassd" subj=unconfined_u:system_r:lsassd_t:s0 key=(null) > Run the avc through audit2why -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
