On a CentOS 7 server, I noticed that setroubleshootd seemed to be using an inordinate percentage of the CPU's time when I ran the top command. When I used the ausearch command to query the audit daemon logs for entries that might have been created by setroubleshootd, I saw references to the
cometchat/.htaccess
file in a user's directory beneath the
directory where her Simple Machines Forum
(SMF) software resided. I also found tens of thousands of references
to that file in the /var/log/messages
file. The server runs
Security-Enhanced Linux
(SELinux) and I found that I needed to update the SELinux context for
the file to stop such entries being logged.
[ More Info ]