On Sunday 12 December 2010 18:13:28 Jorge Fábregas wrote: > I'm triggering AVCs and I see them in /var/log/messages but seapplet is not > capturing them or I don't know. Arrrrgh. It turned out it was related to auditd. As soon as I started it, the notifications started again. I didn't know about "sedispatch", the actual program that watches for AVCs in the audit subsystem and sends the notifications via DBUS (eventually captured by "seapplet".) The thing is that "sedispatch" only starts if you start the auditd service :( I read that in the RHEL6 doc. You have to read that very carefully in order to notice that. It may not be obvious for many. I think there should be a "warning box" saying so (if you decide to stop auditd, you won't longer get notifications on the desktop). Sorry for the noise. Best regards, Jorge -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
