[CentOS] Logwatch verbosity

Wed Sep 22 01:21:32 UTC 2010
mark <m.roth at 5-cent.us>

Timothy Murphy wrote:
> m.roth at 5-cent.us wrote:
> 
>>> I'm getting literally hundreds of lines in my daily logwatch
>>> (under Centos-5.5), reading
>>> ---------------------------------------
>>> NULL security context for user, but SELinux in permissive mode,
>>> continuing ()
>>> ---------------------------------------
>>>
>>> These began when I started running fail2ban (with shorewall),
>>> though that is probably a coincidence.
>>>
>>> In any case, what does this line mean,
>>> and is there any way of stopping it (short of stopping selinux)?
> 
>> Sounds to me as though it's *not* a coincidence. Who does fail2ban run as
>> - for us, it's root, but is it different for you?
> 
> It is running as root, according to "ps aux | grep fail2ban".
> (I run it as a service "sudo service fail2ban restart".)
> 
> Do you get my message (NULL security context ...)?
> I've no idea what this means, or what it is referring to.

selinux. *bleah*

	mark