On Fri, 07.06.13 12:09, Steve Grubb (sgrubb@redhat.com) wrote:Maybe the audit system should be fixed to not trip up by this?
> > > > POSIX shared memory doesn't define any useful scheme for automatic
> > > > removing of shared memory segments from /dev/shm after use. Hence, in
> > > > order to make sure that left-over segments don't fill up /dev/shm
> > > > forever PA will try to GC dead segments from /dev/shm on each
> > > > start-up. For that it iterates through /dev/shm/pulse-shm*, tries to
> > > > read the PID that is stored in there.
> > >
> > > Maybe the uid can be encoded in the name so that wrong uid's are
> > > skipped?
> >
> > But why?
>
> So that you are not filling up the audit logs. There are people that have to
> use these audit rules and we need a normally operating system to produce as
> few false positives as possible.