[Fedora-xen] modifying selinux rules?

Hiya, I've decided to give enabling SELinux a shot for my new VM Dom0's and I'm hitting some snags with the SELinux policy. Specifically: audit(1176072308.841:4): avc: denied { execute } for pid=3699 comm="python" name="local-network-bridge" dev=dm-0 ino=1016069 scontext=system_u:system_r:xend_t:s0 tcontext=root:object_r:tmp_t:s0 tclass=file I've configured xend-config.sxp to use a local network bridge script rather than the default; this one brings up VLAN bridges (and it fails when it tries, but thats a different story.) Is there a simple howto for updating the selinux audit rules for Xen? Thanks, Adrian