I have been running Red Hat Enterprise Linux since 2004, starting with RHEL 3. Later I upgraded to RHEL 5. When I needed a new computer, I got RHEL 6 to run on it. RHEL 6 runs with SELinux turned on by default and it is presenting me with oneproblem, but my /var/log/messages file indicates I have _a lot_ of others. Now according to Red Hat's documentation, I should report these as bugs, but that seems a bit extreme if it is just a misconfiguration problem. > Missing Type Enforcement rules are usually caused by bugs in SELinux > policy, and should be reported in Red Hat Bugzilla. For Red Hat > Enterprise Linux, create bugs against the Red Hat Enterprise Linux > product, and select the selinux-policy component. Include the output > of the audit2allow -w -a and audit2allow -a commands in such bug > reports. Should I really do that? And if so, just how? How do I specify the problem in a way to be useful? One problem is that I have a shell script, run by cron that sends an email with mailx to me (on the same machine). That means it is run by root. And the mail fails when cron runs it. It is adding an attachment and SELinux says it is denied. Now when I run it myself, but logged in as root, the e-mail works. I do not specifically want to solve that problem here, but I do need to now how to change the system policy file, wherever it is, so I do not need to continually make little ones, say by running stuff like this: # grep boinc_client /var/log/audit/audit.log | audit2allow -M myboinc # semodule -i myboinc.pp I also wish to make the change, if they are really required, permanent. Any advice? -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
