Selinux howto for the impatient

Submitted by sklav on Thu, 05/05/2011 - 00:27

But i find that in general when I setup a box I leave Selinux in permissive mode and then go threw the paces of connecting to every service i want running and all associated options so for example if you setup a website that makes use of scripts i would recommend you run them all and after completed and hopefully before you ever connect the box to the internet you run the steps below to create a policy module. I find that this has prevented me from having major issues and i get the benefits of Selinux.

To create a rule that pretty much allows all AVC denials: