On 01/12/2013 04:35 AM, Ilyas -- wrote:
[root@srv-1.home ~]# cat /var/log/audit/audit.log | grep smartd | audit2allow -M smartd_svirt_image [root@srv-1.home ~]# semodule -i smartd_svirt_image.pp but it not helped to solve problem.
How I can create permissive rule for selinux in my case?
If you need to create your own rules, the first thing you need to do is capture the audit log, and set the system into permissive mode:
tail -f /var/log/audit/audit.log In a new terminal: setenforce permissive
Now, run the process that's generating AVCs. Run through its standard operations. When that's done, use all of the relevant AVCs that you captured through audit2why to make sure that there's not an existing boolean that can be flipped. Assuming there isn't, run them through audit2allow -M.