> > Pardon me for the dumb question but I'm having a migraine and must
> > for a midterm tomorrow;
> > > allow dovecot_t dovecot_etc_t:file read_file_perms;
> > How do I do that?
> Hmm either I forgot to reply, or the reply didn't reach my mailbox, so
> goes the answer ;-)
> In short, you'll need to create a policy file, build it and include it
> the system. The policy will be inserted in the policy store so that it
> loaded every time you (re)boot the system, so you can remove the source
> if you want.
> Usually you don't want to though. I personally have a single
> "localpolicy.te" file in which I put all my exceptional rules (that
> need to be part of the main policy, but are necessary on my system) and
> maintain that file.
In the end, this is no longer apropos (for now) because I transferred all
my mail setup to google apps for business but I got a new spare computer
which I will use for R&D of a numbers of projects including developing
policy files for selinux.
Do you have some project for which I could help develop policy files? This
will be a good way for me to learn selinux.