Timothy Murphy wrote: > m.roth at 5-cent.us wrote: > >>> I'm getting literally hundreds of lines in my daily logwatch >>> (under Centos-5.5), reading >>> --------------------------------------- >>> NULL security context for user, but SELinux in permissive mode, >>> continuing () >>> --------------------------------------- >>> >>> These began when I started running fail2ban (with shorewall), >>> though that is probably a coincidence. >>> >>> In any case, what does this line mean, >>> and is there any way of stopping it (short of stopping selinux)? > >> Sounds to me as though it's *not* a coincidence. Who does fail2ban run as >> - for us, it's root, but is it different for you? > > It is running as root, according to "ps aux | grep fail2ban". > (I run it as a service "sudo service fail2ban restart".) > > Do you get my message (NULL security context ...)? > I've no idea what this means, or what it is referring to. selinux. *bleah* mark