On Wed, 2012-02-08 at 09:44 -0500, Christina Plummer wrote: > > > Yes, it is created by lsassd, and I think it was leftover from before. > The number in the filename is my uid - the files are owned by me. I > logged out, I removed both files as root, and then when I next logged > in as myself, a new file was created as such: > > system_u:object_r:user_tmp_t:s0 krb5cc_1040237070_CeTgk16875 > > When I logged back out, it looks like it was renamed by lsassd: > > system_u:object_r:lsassd_tmp_t:s0 krb5cc_1040237070 > > When I logged in again, a new file with a random string appended was > created with user_tmp_t context. I repeated the whole experiment, and > the file without the random string appended never re-appeared. So, > I'm not entirely sure what it's doing (something with Kerberos > tickets :) - it did grow in size when I SSHed to another box), but I > haven't seen any AVC messages about it since that first time. Right, type lsassd_tmp_t looks good. I said before that lsassd shouldnt be creating files in /tmp but i think there is probably a valid reason for this one so ignore that. > -- > selinux mailing list > selinux@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/selinux -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
