• 1
Hi Dan,

I've been tasked with installing the securid pam agent on a few of our RedHat 6.3 servers and your guide is what got me through the selinux hurdle.

However, I was wondering if you could clarify the following for me:

We turned off the use of netstat in our libraries years ago. Using netstat and ps causes me to have to allow login programs to search /sys/net and because of bugs in our kernel add a dontaudit for sys_ptrace.

I am asking because my messages gets flooded every time someone logs in.


The nss package specifically libnss3 on Fedora 18 Not sure of the version on RHEL6 used to execute netstat, just to create random data for creating crypto keys. Red Hat version of nss does not do this. It uses /dev/random for its random data.

  • 1

Log in