On 2/5/19 1:12 PM, Patrick Laimbock wrote: > -----Original message----- >> From:Robert Moskowitz <rgm at htt-consult.com> >> Sent: Tuesday 5th February 2019 16:21 >> To: Conversations around CentOS on ARM hardware <arm-dev at centos.org> >> Subject: [Arm-dev] whatprovides sepol-ifgen? >> >> I am fighting to get dovecot working with mysql.sock with SELinux >> enforced. And I am trying to do this 'better' than what I found 2 years >> ago. On the SELiunx list I was told to run: >> >> ausearch -m AVC --context dovecot_t | audit2allow --reference -m >> dovecot_mysql_custom >> >> But this generates the error >> >> could not open interface info [/var/lib/sepolgen/interface_info >> >> To fix this I was told to run >> >> sepol-ifgen > Try sepolgen-ifgen. IIRC it lives in the policycoreutils-devel package. > > Patrick Thanks Patrick, but turns out I don't need to do this. Another Redhat developer chimed in on the SELinux list and provided me the right policy magic to get dovecot, mysql, and selinux all happy. I will be documenting all this shortly. Now moving on to the next issue.