search for: sysctl_vm_t

...policy module to allow this access. Do allow this access for now by executing: # grep named /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context unconfined_u:system_r:named_t:s0 Target Context system_u:object_r:sysctl_vm_t:s0 Target Objects [ dir ] Source named Source Path /usr/sbin/named Port <Unknown> Host inet08.hamilton.harte-lyne.ca Source RPM Packages bind-9.8.2-0.62.rc1.el6_9.5.x86_64 Targ...

...ng down a separate problem I discovered these avc anomalies and ran audit2allow to see what was required to eliminate them. All the software is either from CentOS or EPEL. #============= amavis_t ============== allow amavis_t sysfs_t:dir open; #============= clamd_t ============== allow clamd_t sysctl_vm_t:dir search; #============= mailman_mail_t ============== #!!!! The source type 'mailman_mail_t' can write to a 'dir' of the following types: # mailman_log_t, mailman_data_t, mailman_lock_t, mailman_archive_t, var_lock_t, tmp_t, mailman_mail_tmp_t, var_log_t, root_t allow mailman_m...