Ok, I just figure this out.
Run this:
This will list all the TE rules that will allow the denied access and reveal all processes that had associated denials. Once you find the one related to the AVC failure in the audit logs (for me it was nrpe_t), run this:
Code:
grep "your object_t" /var/log/audit/audit.log | audit2allow -M <module_name>
You will then get this message
Code:
To make this policy package active, execute:
semodule -i <module_name>.pp
Which you can then run:
Code:
semodule -i <module_name>.pp
Verify that its loaded:
Code:
semanage module -l | grep <module_name>
Then put the system back into enforcing state:
Or just modify /etc/selinux/config and reboot.
NOTE - I did this on RHEL7 and you may or may not have the semanage or semodule tools installed. If not just run a "yum provides <command> to find out what package you need and install it.