On Sat, Oct 25, 2014 at 04:22:38PM -0400, admin wrote: > #!!!! This avc is allowed in the current policy > allow httpd_t self:capability net_raw; > allow httpd_t self:rawip_socket create; This confusing output means that the first "allow" line is in the current policy, and the second is not. -- greg