22 Sep
2010
22 Sep
'10
2:53 a.m.
m.roth@5-cent.us wrote:
I'm getting literally hundreds of lines in my daily logwatch (under Centos-5.5), reading
NULL security context for user, but SELinux in permissive mode, continuing ()
These began when I started running fail2ban (with shorewall), though that is probably a coincidence.
In any case, what does this line mean, and is there any way of stopping it (short of stopping selinux)?
Sounds to me as though it's *not* a coincidence. Who does fail2ban run as
- for us, it's root, but is it different for you?
It is running as root, according to "ps aux | grep fail2ban". (I run it as a service "sudo service fail2ban restart".)
Do you get my message (NULL security context ...)? I've no idea what this means, or what it is referring to.
--
Timothy Murphy
e-mail: gayleard /at/ eircom.net
tel: +353-86-2336090, +353-1-2842366
s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland