On Wed, 2006-05-24 at 18:06 -0700, Antonio Olivares wrote: > I get some of these too, but they do not impede or > hurt anything major, so I do not complain. If they > hurted something, then I would ask. > > audit(1148514227.623:6): avc: granted { execmem } > for pid=1638 comm="kudzu" > scontext=system_u:system_r:kudzu_t:s0 > tcontext=system_u:system_r:kudzu_t:s0 tclass=process > audit(1148514227.623:7): avc: granted { execmem } > for pid=1638 comm="kudzu" > scontext=system_u:system_r:kudzu_t:s0 > tcontext=system_u:system_r:kudzu_t:s0 tclass=process You should update your selinux-policy packages. The "avc: granted" messages that fill up log files were removed from policy some time ago. > audit(1148514227.707:8): avc: denied { read } for > pid=1629 comm="readahead" name="display" dev=ramfs > ino=4403 scontext=system_u:system_r:readahead_t:s0 > tcontext=system_u:object_r:ramfs_t:s0 tclass=file > audit(1148514227.707:9): avc: denied { read } for > pid=1629 comm="readahead" name="rhgb-console" > dev=ramfs ino=4477 > scontext=system_u:system_r:readahead_t:s0 > tcontext=system_u:object_r:ramfs_t:s0 tclass=fifo_file > ip_tables: (C) 2000-2006 Netfilter Core Team > Netfilter messages via NETLINK v0.30. > ip_conntrack version 2.4 (4095 buckets, 32760 max) - > 232 bytes per conntrack > audit(1148514230.112:10): avc: denied { read } for > pid=1629 comm="readahead" name="display" dev=ramfs > ino=4403 scontext=system_u:system_r:readahead_t:s0 > tcontext=system_u:object_r:ramfs_t:s0 tclass=file > audit(1148514230.112:11): avc: denied { read } for > pid=1629 comm="readahead" name="rhgb-console" > dev=ramfs ino=4477 > scontext=system_u:system_r:readahead_t:s0 > tcontext=system_u:object_r:ramfs_t:s0 tclass=fifo_file > SELinux: initialized (dev rpc_pipefs, type > rpc_pipefs), uses genfs_contexts > SELinux: initialized (dev autofs, type autofs), uses > genfs_contexts > > If you lost some functionality as a result of that avc > message, then you are right on in asking for help. This is good advice. Paul.