On 01/12/2012 03:48 AM, Daniel J Walsh wrote: > In Fedora we currently dontaudit this leak. > > audit2allow -i /tmp/t > > > #============= httpd_sys_script_t ============== > #!!!! This avc has a dontaudit rule in the current policy > > allow httpd_sys_script_t httpd_t:udp_socket { read write }; Pow. Reasonable answer, and it isn't so hard to run that command -- its just difficult to understand why its necessary if you don't know anything about the environment, and mystifying if you know the command but nothing about what's going on.