Hi, I just started looking into SELinux. I am wondering if there is a way to have wildcards in avc rules like: auditallow source_t target_t : * * ; which audits all access from source_t to target_t. Or do I have to add all classes objects to the rule like: auditallow source_t target_t : {appletalk_socket, association, blk_file ... } * ; Cheers, Simon