On Fri, 2013-09-20 at 16:09 -0400, m.roth@xxxxxxxxx wrote: > CentOS 6.4 > selinux-policy-targeted-3.7.19-195.el6_4.12.noarch > Permissive (of course) > > postgresql is trying to read on an nfs-mounted directory. setsebool > allow_user_postgresql_connect on > use_nfs_home_dirs --> on > > And if I use audit2allow, it wants to make a policy of > #============= postgresql_t ============== > allow postgresql_t nfs_t:dir search; > > Should there be a boolean, or is this a policy oversight? And in the > meantime, should I just make the local policy? if audit2why say's "missing TE rule" then it is oversight, and then youd need to create your own modification if you want that functionality > > mark > > -- > selinux mailing list > selinux@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/selinux -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
