On Wed, 24 Jun 2020 at 11:05, Qiyu Yan <yanqiyu@xxxxxxxxxxxxxxxxx> wrote: > > Run your program in permissive mode and use audit2why [1], to see what's wrong. > If you have to allow that, you can use audit2allow [2] to produce a > policy package to allow that behavior in package. > I don't know how to make this into a package, maybe [3] will help. Thanks, I got [1] and [2] more or less covered thanks to the output of the SELinux troubleshooter. The missing parts were how to get policies into a subpackage (and [3] explains this, thanks), and how to write a rule just for my script, not for the whole python3 stack, and I'm still missing that bit. > [1] https://fedoraproject.org/wiki/SELinux/audit2why > [2] https://fedoraproject.org/wiki/SELinux/audit2allow > [3] https://fedoraproject.org/wiki/SELinux/IndependentPolicy -- Iñaki Úcar _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
