I'm now looking at audit2allow: http://wiki.centos.org/HowTos/SELinux#head-faa96b3fdd922004cdb988c1989e56191...
To follow up on this, audit2allow provided a satisfactory solution (comments on that kind of approach still welcome!):
grep sendmail /var/log/audit/audit.log | audit2allow -m sendmaillocal > sendmaillocal.te
# review and backup sendmaillocal.te
checkmodule -M -m -o sendmaillocal.mod sendmaillocal.te
semodule_package -o sendmaillocal.pp -m sendmaillocal.mod
semodule -i sendmaillocal.pp
Once again the CentOS Wiki proved to be an invaluable source of information.
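
An added example for the "review sendmaillocal.te" step, not part of the original post: because `grep sendmail` matches any audit line that mentions sendmail, the generated module can contain allow rules for other domains, and this script lists them before the module is compiled and loaded. The function names and the sample module contents are constructed for illustration.

```shell
#!/bin/sh
# Review aid for an audit2allow-generated .te file (added example).

# unexpected_rules FILE PREFIX
# Prints "source target:class perms" for every allow rule whose source
# type does not start with PREFIX (the domain you meant to extend).
unexpected_rules() {
    awk -v prefix="$2" '
        $1 == "allow" && index($2, prefix) != 1 {
            sub(/^allow[ \t]+/, ""); sub(/;[ \t]*$/, ""); print
        }' "$1"
}

# count_rules FILE -> number of allow rules in the module source.
count_rules() {
    awk '$1 == "allow" { n++ } END { print n + 0 }' "$1"
}

# Constructed sample shaped like `audit2allow -m` output; not from the post.
sample_te() {
    cat <<'EOF'
module sendmaillocal 1.0;

require {
	type sendmail_t;
	type httpd_t;
	type var_spool_t;
	type sendmail_exec_t;
	class file { read write execute };
}

#============= httpd_t ==============
allow httpd_t sendmail_exec_t:file execute;

#============= sendmail_t ==============
allow sendmail_t var_spool_t:file { read write };
EOF
}

te=$(mktemp)
sample_te > "$te"
echo "allow rules in module: $(count_rules "$te")"
echo "rules whose source is outside sendmail_*:"
unexpected_rules "$te" sendmail_
rm -f "$te"
```

Any rule it prints should be removed from the .te file, or justified, before running checkmodule.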