Policy for authenticating domain users
Daniel J Walsh
dwalsh at redhat.com
Thu Feb 18 21:59:30 UTC 2010
On 02/18/2010 04:43 PM, Scott Salley wrote:
> for pid=3158 comm="lsassd" name="CORPQA" dev=dm-0 ino=195681
> scontext=unconfined_u:system_r:lsassd_t:s0
> tcontext=system_u:object_r:home_root_t:s0 tclass=dir
> type=SYSCALL msg=audit(1266523695.550:22225): arch=c000003e syscall=188
> success=yes exit=0 a0=7fab640399f0 a1=3ea9415649 a2=7fab64027990 a3=21
> items=0 ppid=2790 pid=3158 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0
> egid=0 sgid=0 fsgid=0 tty=(none) ses=1 comm="lsassd"
> exe="/usr/sbin/lsassd" subj=unconfined_u:system_r:lsassd_t:s0 key=(null)
>
Run the avc through audit2why
More information about the selinux
mailing list