Hi Mark, >>> time->Wed Nov 21 11:08:55 2018 type=PROCTITLE >>> msg=audit(1542816535.125:26908): >>> proctitle=2F7573722F7362696E2F73656E646D61696C002D4643726F6E4461656D6F6E >>> 002D69002D6F6469002D6F656D002D6F69002D74002D6600726F6F74 >>> type=SYSCALL msg=audit(1542816535.125:26908): arch=c000003e syscall=2 >>> success=yes exit=3 a0=7f52d568d0b8 a1=80000 a2=1b6 a3=24 items=0 >>> ppid=54786 pid=55276 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=51 >>> sgid=51 fsgid=51 tty=(none) ses=935 comm="sendmail" >>> exe="/usr/sbin/sendmail.sendmail" >>> subj=system_u:system_r:system_mail_t:s0-s0:c0.c1023 key=(null) >>> type=AVC msg=audit(1542816535.125:26908): avc: denied { open } for >>> pid=55276 comm="sendmail" >>> path="/proc/sys/net/ipv6/conf/all/disable_ipv6" dev="proc" ino=25607 >>> scontext=system_u:system_r:system_mail_t:s0-s0:c0.c1023 >>> tcontext=system_u:object_r:sysctl_net_t:s0 tclass=file >>> type=AVC msg=audit(1542816535.125:26908): avc: denied { read } for >>> pid=55276 comm="sendmail" name="disable_ipv6" dev="proc" ino=25607 >>> scontext=system_u:system_r:system_mail_t:s0-s0:c0.c1023 >>> tcontext=system_u:object_r:sysctl_net_t:s0 tclass=file I think this is caused by a leaking file descriptor to /proc/sys/net/ipv6/conf/all/disable_ipv6 from whatever cronjob you are running, which calls sendmail. Best regards, Michael _______________________________________________ selinux mailing list -- selinux@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to selinux-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/selinux@xxxxxxxxxxxxxxxxxxxxxxx