Description of problem: avc: denied { signal } for pid=2075 comm="audispd" scontext=system_u:system_r :audisp_t:s0 tcontext=system_u:system_r:prelude_audisp_t:s0 tclass=process Version-Release number of selected component (if applicable): selinux-policy-3.5.5-1.fc10.noarch solution: logging.te optional_policy(` prelude_signal_audisp(audisp_t) ')
`logging_audisp_system_domain' Has allow $1 audisp_t:process signal; But I think this should be allow audisp_t $1:process signal; I am not sure if a subprocess should be sending signals to audisp other then sigchld?
Wrt to audispd and its children, child to parent is only SIGCHLD, parent to child is SIGHUP, SIGTERM, and SIGKILL if they don't listen very well.
Thanks Steve, I will fix the policy. selinux-policy-3.5.5-3.fc10