This is a record from /var/log/messages
Sep 28 11:22:55 app-srv kernel: type=1400 audit(1316673006.058:21): avc: denied { execmod } for pid=23856 comm="dosmth" path="/home/user/path/some.so.1.0" dev=cciss/c0d0p3 ino=98557 scontext=user_u:system_r:unconfined_t:s0 tcontext=user_u
bject_r:user_home_t:s0 tclass=file
I checked sestatus and this is what it returns
[root@app-srv ~]# sestatus
SELinux status: disabled
I guess there is something that I'm missing. Any clues? Is it possible that some process temporarily starts selinux and then stops it? Unfortunately auditd was stopped and I have no log to check. Any ideas?