SELinux denes execute despite correct type context (LVS/IPVS/Piranha/Nanny sendprogram script)

view story

http://serverfault.com – The heartbeat type polling tool nanny (part of Piranha / Linux Virtual Server) is being denied access to my "sendprogram" scripts by SELinux. I think this is purely an SELinux issue not nanny. As I read it context unconfined_u:system_r:piranha_lvs_t:s0 is denied execute to unconfined_u:object_r:piranha_lvs_t:s0. So what am I doing wrong? Disabling SELinux (setenforce 0) works and the contexts are set as follows: Context # ll -Z /opt/ drwxr-xr-x. root root unconfined_u:object_r:piranha_lvs_t:s0 monitorscripts # ll -Z /opt/monitorscripts -rwxr-xr-x. root root unconfined_u:object_r:piranha (HowTos)