SELinux - allowing rsyslog read/open access to some files

4

So I have three files that I need rsyslog to open in order to forward the entries to another server. SELinux is preventing this with the following error:

type=AVC msg=audit(1371186588.768:1324460): avc:  denied  { open } for  pid=3714     comm="rsyslogd" name="named.debug.log" dev=dm-0 ino=1180551 scontext=unconfined_u:system_r:syslogd_t:s0 tcontext=unconfined_u:object_r:named_cache_t:s0 tclass=file
type=SYSCALL msg=audit(1371186588.768:1324460): arch=c000003e syscall=2 success=no exit=-13 a0=7fb254001b30 a1=80100 a2=180 a3=2e67756265642e64 items=0 ppid=1 pid=3714 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=7926 comm="rsyslogd" exe="/sbin/rsyslogd" subj=unconfined_u:system_r:syslogd_t:s0 key=(null)

Running this through audit2allow, I get the following:

module rsysloglocal 1.0;

require {
        type named_cache_t;
        type syslogd_t;
        class file { read write };
}

#============= syslogd_t ==============
allow syslogd_t named_cache_t:file { read write };

Unfortunately, this doesn't work. I'm still getting the SELinux message above.

The files I need to watch with rsyslog are in /var/named/data/log/, which is why SELinux is referring to the named_cache_t thing (I think).

Any thoughts?

Edit: semodule -l output:


Edit 2: I also tried this using only read permissions (allow syslogd_t named_cache_t:file read;) instead of read/write. No luck.

by MikeH 14.06.2013 / 07:14

1 answer

-1

So, I finally got the SELinux errors to go away.

I ended up having to allow the following attributes:

allow syslogd_t named_cache_t:file { read ioctl open getattr };

I figured this out by combining several audit2allow procedures to create the final module. I renamed the module rsysloglocal.te. I had to compile it manually, doing the following:

checkmodule -M -m -o rsysloglocal.mod rsysloglocal.te
semodule_package -o rsysloglocal.pp -m rsysloglocal.mod
semodule -i rsysloglocal.pp
    
por 18.06.2013 / 00:45
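The answer's approach, as an added example that is not part of the original question or answer: read AVC denial lines, merge every permission denied for the same (source type, target type, class) into one allow rule, emit a complete .te module, and build it with the three commands from the answer when the SELinux toolchain is present. The sample audit lines are constructed (the question's "open" denial plus two hypothetical follow-up denials); the function names avc_te_module and build_and_install are my own.

```shell
#!/bin/sh
# Added example, not code from the original post. Merges AVC denials into one
# allow rule per (source, target, class) and writes a .te module, which is what
# the answer assembled by hand from several audit2allow runs.

# Constructed sample: the question's "open" denial plus two hypothetical later
# denials for the same file, covering the permissions the answer ended up with.
SAMPLE_AVC='type=AVC msg=audit(1371186588.768:1324460): avc:  denied  { open } for  pid=3714     comm="rsyslogd" name="named.debug.log" dev=dm-0 ino=1180551 scontext=unconfined_u:system_r:syslogd_t:s0 tcontext=unconfined_u:object_r:named_cache_t:s0 tclass=file
type=AVC msg=audit(1371186590.001:1324461): avc:  denied  { read } for  pid=3714 comm="rsyslogd" name="named.debug.log" dev=dm-0 ino=1180551 scontext=unconfined_u:system_r:syslogd_t:s0 tcontext=unconfined_u:object_r:named_cache_t:s0 tclass=file
type=AVC msg=audit(1371186590.002:1324462): avc:  denied  { ioctl getattr } for  pid=3714 comm="rsyslogd" path="/var/named/data/log/named.debug.log" scontext=unconfined_u:system_r:syslogd_t:s0 tcontext=unconfined_u:object_r:named_cache_t:s0 tclass=file'

# avc_te_module NAME: AVC lines on stdin -> .te module source on stdout
avc_te_module() {
    awk -v mod="$1" '
    /type=AVC/ && /avc: *denied/ {
        p = index($0, "{"); q = index($0, "}")           # "{ perm perm }"
        n = split(substr($0, p + 1, q - p - 1), perms, " ")
        src = tgt = cls = ""
        for (i = 1; i <= NF; i++) {                     # third field = type
            if ($i ~ /^scontext=/) { split($i, a, ":"); src = a[3] }
            if ($i ~ /^tcontext=/) { split($i, a, ":"); tgt = a[3] }
            if ($i ~ /^tclass=/)   { cls = substr($i, 8) }
        }
        if (src == "" || tgt == "" || cls == "") next   # malformed line, skip
        key = src SUBSEP tgt SUBSEP cls
        if (!(key in rule)) { keys[++nk] = key; rule[key] = "" }
        if (!(src in type)) { type[src] = 1; types[++nt] = src }
        if (!(tgt in type)) { type[tgt] = 1; types[++nt] = tgt }
        if (!(cls in cset)) { cset[cls] = 1; classes[++nc] = cls }
        for (j = 1; j <= n; j++) {                      # union of permissions
            if (!((key, perms[j]) in seen)) { seen[key, perms[j]] = 1; rule[key] = rule[key] " " perms[j] }
            if (!((cls, perms[j]) in cseen)) { cseen[cls, perms[j]] = 1; cperm[cls] = cperm[cls] " " perms[j] }
        }
    }
    END {
        printf "module %s 1.0;\n\nrequire {\n", mod
        for (i = 1; i <= nt; i++) printf "        type %s;\n", types[i]
        for (i = 1; i <= nc; i++) printf "        class %s {%s };\n", classes[i], cperm[classes[i]]
        print "}\n"
        for (i = 1; i <= nk; i++) { split(keys[i], k, SUBSEP); printf "allow %s %s:%s {%s };\n", k[1], k[2], k[3], rule[keys[i]] }
    }'
}

# build_and_install NAME: the answer's three commands; NAME.te must exist in the
# current directory and the SELinux toolchain must be installed.
build_and_install() {
    command -v checkmodule >/dev/null 2>&1 || { echo "checkmodule not found" >&2; return 1; }
    checkmodule -M -m -o "$1.mod" "$1.te" &&
    semodule_package -o "$1.pp" -m "$1.mod" &&
    semodule -i "$1.pp"
}

printf '%s\n' "$SAMPLE_AVC" | avc_te_module rsysloglocal   # writes the .te to stdout
```

Review the generated rule before installing it: it grants syslogd_t those permissions on every file labelled named_cache_t, not only the three logs under /var/named/data/log/.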