Examples only: If exim gave an avc denial. 1: Create policy. audit2allow -M myexim < /var/log/audit/audit.log then enable it. semodule -i myexim.pp 2: If then in a couple of days exim generates another avc denial, different from the first. How does one edid\use audid2allow to include the new avc. Have looked at "man audit2allow" and can't seem to grasp an edit from the options. Frank -- gpg id EB547226 Revoked Forgot Password :( aMSN: Frankly3D http://www.frankly3d.com -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list