On Feb 26, 2021, at 17:16, hw <h...@gc-24.de> wrote:
> Ejabberd is supposed to expire files when they are older than desired, and
> selinux prevents it. How can I solve this problem other than by disabling
> selinux or by deleting the files manually?

It’s possible that you are only capturing part of the process, such as a stat() before unlink(), so it still fails. You need to capture the entire process. Temporarily set it to permissive (setenforce Permissive) and let it do what it does (is there a way to force it?). Then you should use ausearch to find the AVCs over the time period when it ran, and pipe that into audit2allow.

HOWEVER... There’s probably a better solution than blindly creating a module. You need to figure out what the correct SELinux attribute to put on the directory is, so you don’t need a module.

— Jonathan Billings

_______________________________________________
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
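
The point about capturing only part of the process, as an added example that is not part of the original message: it groups AVC denials by source type, target type and class, then reports the permissions that only appear once the whole operation was allowed to run in permissive mode. The audit records, the type names `svc_t` and `data_t`, and the file names are constructed placeholders.

```python
import re
from collections import defaultdict

# Constructed audit records (not from the thread); svc_t and data_t are placeholder types.
# Enforcing: the first denied call (stat) aborts the operation, so only getattr is logged.
ENFORCING_LOG = """\
type=AVC msg=audit(1614377760.101:901): avc:  denied  { getattr } for  pid=4242 comm="beam.smp" name="old.bin" scontext=system_u:system_r:svc_t:s0 tcontext=system_u:object_r:data_t:s0 tclass=file permissive=0
"""
# Permissive: every step is logged but allowed, so the full chain of accesses shows up.
PERMISSIVE_LOG = """\
type=AVC msg=audit(1614381360.201:950): avc:  denied  { getattr } for  pid=4242 comm="beam.smp" name="old.bin" scontext=system_u:system_r:svc_t:s0 tcontext=system_u:object_r:data_t:s0 tclass=file permissive=1
type=AVC msg=audit(1614381360.202:951): avc:  denied  { write } for  pid=4242 comm="beam.smp" name="upload" scontext=system_u:system_r:svc_t:s0 tcontext=system_u:object_r:data_t:s0 tclass=dir permissive=1
type=AVC msg=audit(1614381360.202:952): avc:  denied  { remove_name } for  pid=4242 comm="beam.smp" name="old.bin" scontext=system_u:system_r:svc_t:s0 tcontext=system_u:object_r:data_t:s0 tclass=dir permissive=1
type=AVC msg=audit(1614381360.203:953): avc:  denied  { unlink } for  pid=4242 comm="beam.smp" name="old.bin" scontext=system_u:system_r:svc_t:s0 tcontext=system_u:object_r:data_t:s0 tclass=file permissive=1
"""

AVC_RE = re.compile(
    r"avc:\s+denied\s+\{(?P<perms>[^}]*)\}.*?"
    r"scontext=(?P<s>\S+)\s+tcontext=(?P<t>\S+)\s+tclass=(?P<c>\S+)"
)


def summarize(log):
    """Map (source type, target type, class) -> set of denied permissions."""
    out = defaultdict(set)
    for line in log.splitlines():
        m = AVC_RE.search(line)
        if not m:
            continue  # not an AVC denial record
        # A context is user:role:type:level; the type is the third field.
        key = (m["s"].split(":")[2], m["t"].split(":")[2], m["c"])
        out[key].update(m["perms"].split())
    return dict(out)


def missing_from_enforcing(enforcing, permissive):
    """Permissions that were only logged when the operation ran to completion."""
    seen, full = summarize(enforcing), summarize(permissive)
    gaps = {k: sorted(v - seen.get(k, set())) for k, v in full.items()}
    return {k: v for k, v in gaps.items() if v}


if __name__ == "__main__":
    for key, perms in missing_from_enforcing(ENFORCING_LOG, PERMISSIVE_LOG).items():
        print(key, perms)
```

When every denial points at the same target type, as in this constructed log, that is the hint that the directory's label is what needs attention rather than a new module.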