CompTIA Linux+ XK0-005 Practice Question
As a systems administrator, you have noticed SELinux Access Vector Cache (AVC) denial messages in your system's audit logs, indicating that a legitimate application is being blocked from performing necessary actions. You want to create a custom SELinux module to adjust the policy and allow the application to function as intended. Which command should you use to generate a custom SELinux policy module based on the recorded AVC denials?
getenforce > mymodule.te
semanage module -i mymodule.pp
audit2why -M mymodule < /var/log/audit/audit.log
audit2allow -M mymodule < /var/log/audit/audit.log