This issue came up on the Audit mailing list when trying to figure out why my audit queues were being overwhelmed. I'm running RHEL 6.5. Sometimes when I run a command like "semanage user -a ...", I'm receiving 15000+ audit events. Most of the events are "selinux_audit_rule_match: stale rule". I can see in services.c in the kernel code how 'latest_granting' is being incremented when the policy is being loaded. What I don't understand is why I only sometimes see these errors when I run the command. Is there anything I can do to prevent getting in this state? Thanks, Andrew Ruch _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
