SELinux is preventing /bin/gawk "execute" access on /var/home/rnichols/mail/spamstrings.awk
Robert Nichols
rnicholsNOSPAM at comcast.net
Fri Mar 5 15:51:25 UTC 2010
On 03/05/2010 09:13 AM, Daniel J Walsh wrote:
> Yes I think labeling the bin directory in your homedir as bin_t will
> allow almost all confined applications on your system to execute them.
>
> The problem with SELinux is people think first of adding allow rules
> rather then fixing the labeling.
In defense of those just struggling to get by, that is generally what
setroubleshoot suggests. Plus, while the audit2allow route is fairly
obvious, it take a significantly deeper understanding of the base
policy to know which of the source or target types might wrong and
just what the proper labeling should be.
--
Bob Nichols "NOSPAM" is really part of my email address.
Do NOT delete it.
More information about the selinux
mailing list