http://people.fedoraproject.org/~dwalsh/SELinux/F11/system_logging.patch
New audit file context
log files under /var/spool
auditd calls getpw
audisp_t needs dac_override
audisp_t signals its self and its plugins
audisp_t will execute binaries and shell scripts
Sends dbus messages to all levels, audit runs at system_high so we need
to send dbus messages to daemons running at different levels.
audisp_t calls getpw
audisp uses dbus
audisp_remote binds to audit port to listen for incoming connections
uses getpw