/usr/local/sbin/loginlog;/usr/local/sbin/trafficlog;/sbin/mgettyor
/usr/X11R6/XF86_SVGA
Note that these programs with special rights are protected by LIDS as if you declared them read-only with lidsadm.
Note also that LIDS try to get the dev/inode numbers of theses files when the kernel boots, so that programs that are not on the root filesystem won't be found by LIDS, and thus won't get their authorization. You can solve this by reloading the LIDS config when sealing it, with the +RELOAD_CONF option. You must have selected the corresponding option in the LIDS compilation options (see 6.1.8).