Thanks - this is helpful but still not quite a fix. The suggested fixes seem general for the three issues of dovecot, nmbd, and spamc - but audit2allow does at least create them. [dan at trailrunner ~]$ cat dovecotsocketselinux.te module dovecotsocketselinux 1.0; require { type dovecot_t; class socket create; } #============= dovecot_t ============== allow dovecot_t self:socket create; [dan at trailrunner ~]$ [dan at trailrunner ~]$ [dan at trailrunner ~]$ cat nmbdselinux.te module nmbdselinux 1.0; require { type samba_share_t; type nmbd_t; class file { rename getattr unlink append }; class dir { search setattr }; } #============= nmbd_t ============== allow nmbd_t samba_share_t:dir { search setattr }; allow nmbd_t samba_share_t:file { rename getattr unlink append }; [dan at trailrunner ~]$ [dan at trailrunner ~]$ [dan at trailrunner ~]$ cat spamcselinux.te module spamcselinux 1.0; require { type spamc_exec_t; type procmail_t; class file { read execute execute_no_trans }; } #============= procmail_t ============== allow procmail_t spamc_exec_t:file { read execute execute_no_trans }; [dan at trailrunner ~]$ The problem is that when these are installed, dovecot fails - port 993 already in use. So now what - again, default CentOS options and configuration for all three of these. On Apr 30, 2009, at 1:38 PM, Ned Slider wrote: > Dan Roberts wrote: >> Ok, but how? >> > > http://wiki.centos.org/HowTos/SELinux > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos