Seems with every new version of Fedora there are several modifications to selinux policy that we need to do. So were trying to understand where the split is between creating a bug report and when we need to create local policy modifications. For example, email seems to always need selinux policy changes so that avc's are not blocking spamassassin and pyzor. We did a tar with option --xattrs on a Fedora 10 system for home directories and were not able to restore the tar on a Fedora 11 until we did a policy change. Still ended up needing to a restorecon on the home directories. We wonder if poking these holes in the delivered policies is the correct fix or are we opening up unnecessary security holes. -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
