I feel is,if these messages are due to CAP_AUDIT_WRITE capability
problem
then,adding this line to policy would have fixed the problem but that was not
happening.
allow initrc_t self:capability { audit_write audit_control };
There are 2 ways that the syscall can fail, MAC checks and DAC checks. The above
line may help MAC checks, but does nothing for the DAC check. I have a patch in
rawhide that is being tested so that when dbus changes from root to the dbus
user, it retains that capability. When I'm satisfied that I haven't introduced a
new bug with that patch, I'll port it to dbus in RHEL4 - maybe U4.
> does it fill the logs with it? If you just get a couple, all is
well.
These meesages sometimes fills log,and appears on execution of
setenforce,make load and some selinux command.
There was an updated targeted policy released after U2 that should alleviate any
MAC check problems. The DAC check problem shouldn't fill your logs.
-Steve
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com