No AVC when sshd is mislabeled

Hi,

On my Fedora 12 system I changed - on purpose - the label for the sshd binary. 
I gave it httpd_exec_t and tried to start it with the service command to see 
what happens.  I got:

Starting sshd: Could not load host key: /etc/ssh/ssh_host_rsa_key
Could not load host key: /etc/ssh/ssh_host_dsa_key

..which is expected as "httpd_t" doesn't have access to these files. 

My question is: Why don't I get any AVC errors for this?  I was expecting 
something like "httpd_t is trying to read files labeled as sshd_key_t..." 
There's nothing in /var/log/audit/audit.log (I'm using auditd). 

Are there any "dontaudit" rules for these types of access that cause SELinux 
not to log these?

Regards,
Jorge
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux

