On 6/25/07, Daniel de Kok <danieldk at pobox.com> wrote: > Make your own policy modules for local policy (you could create a start > with command (2)), but add and check rules and contexts manually. > audit2allow is a nice tool to see what was denied, but its output should > not be copied verbatim. Eh, call me lazy... I didn't want this to become a 'how to create selinux policy modules' discussion, so I paraphrased the upstream documentation. It may not be the most secure method (Obviously) but it is the same support upstreams users are paying to get, at least at the tier 1 support level. -- During times of universal deceit, telling the truth becomes a revolutionary act. George Orwell