On Wed, 24 Jun 2020 at 11:05, Qiyu Yan <yanq...@fedoraproject.org> wrote: > > Run your program in permissive mode and use audit2why [1], to see what's > wrong. > If you have to allow that, you can use audit2allow [2] to produce a > policy package to allow that behavior in package. > I don't know how to make this into a package, maybe [3] will help.
Thanks, I got [1] and [2] more or less covered thanks to the output of the SELinux troubleshooter. The missing parts were how to get policies into a subpackage (and [3] explains this, thanks), and how to write a rule just for my script, not for the whole python3 stack, and I'm still missing that bit. > [1] https://fedoraproject.org/wiki/SELinux/audit2why > [2] https://fedoraproject.org/wiki/SELinux/audit2allow > [3] https://fedoraproject.org/wiki/SELinux/IndependentPolicy -- Iñaki Úcar _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
