Once upon a time, Łukasz Posadowski <mail at lukaszposadowski.pl> said: > From 11.06 journal is logging a lot of denied access to /proc for > unix_chkpwd by selinux. They are so frequent, that I see them in > htop. :) Right now I have 2122 logges denials. > > Is it OK for unix_chkpwd to poke in /proc? It has to know who is > logged in, do probably yes, bit I'm not sure. I haven't dug into it, but I'm thinking there was some policy or library change that isn't quite right... sssd_be also has the same denial on startup (so every boot). -- Chris Adams <linux at cmadams.net>