.Auditd server does not start on remote logging servers using KRB5 peer authentication The SELinux policy does not contain the `auditd_tmp_t` file type for the temporary directories and files created by processes running under `auditd_t` SELinux type. This prevents starting the `auditd` service on a server when KRB5 peer authentication is used for remote logging. To work around this problem, either set `auditd_t` domain to permissive mode or build a custom SELinux policy that allows processes running under `auditd_t` type to create and modify files and directories in the `/var/tmp` directory. As a result, `auditd` server using KRB5 peer authentication for remote logging can be started only after applying the described workaround.