Hey Juan

I'm troubleshooting the radicale policy but I cannot figure why the service fails to transition to radicale_t. It runs in the init_t domain.

is your module loaded? (semodule -l | grep radicale)

Do your files have correct labels? (ls -lZ /usr/bin/radicale )?

>  allow radicale_t bin_t:file execute;

might better use the corecmd_exec_bin()


> files_type(radicale_etc_t);

maybe better use files_config_file()


- Thomas