selinux_denial

low risk·Version 1.1.0·Live

SELinux AVC denials: context mismatches for nginx, php-fpm, or containers; use permissive domains only as a temporary bridge with audit evidence.

When-rules (signature × N in M minutes → actions): 2 — see config/reflex.php for the YAML schema; evaluator wiring is tracked separately.

To run remediation, sign in and use server repair flows or your chat integrations. This catalogue only lists validated YAML shipped with Reflex.