
SELinux + logrotate + prerotate = Permission Denied

5 votes
2 answers
8889 views
I have what (should) be a fairly straightforward task: Migrate a set of custom log files to a database at night. I use logrotate (cron.daily) with a simple prerotate task

```
/var/log/myapplog/*.log {
    daily
    copytruncate
    rotate 366
    dateext
    dateformat .%Y-%m-%d
    compress
    missingok
    compresscmd /usr/bin/xz
    compressoptions -ze9
    compressext .xz
    prerotate
        /usr/local/myapp/bin/DBWriter $1
    endscript
}
```

Unfortunately SELinux doesn't see it that way. If I `setenforce 0` then the script runs perfectly. Rotates logs, sends them to the DB, etc. `setenforce 1`, however, returns:

```
logrotate_script: line 1: /usr/local/myapp/bin/DBWriter: Permission denied
```

I've tried changing contexts on DBWriter, most recently I set it to `unconfined_u:unconfined_r:unconfined_t` which did not work either...

Ideally, I need to keep SELinux enabled. If it matters, DBWriter is also available as a java .jar file. But running `java -jar DBWriter.jar` has the same result.

Thanks in advance!

----

Edit: Win.T's answer below solved the problem for me.

```
semanage permissive -a logrotate_t
```

Part of the problem is that I was trying to do _exactly_ what SELinux is designed to prevent: cause process A to execute unknown file B and wreak havoc on system C.

Project design considerations and restrictions put us on this path. Clients don't always want to hear about those fancy buzz words like security and future-proofing.
Asked by Sean (63 rep)
Feb 26, 2015, 11:37 PM
Last activity: Dec 5, 2024, 04:08 PM
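
An added example, not part of the original question or its answers: `semanage permissive -a logrotate_t` stops enforcement for the whole `logrotate_t` domain, so it helps to read the AVC denials first and see exactly which access was blocked. The audit records and the `usr_t` target label below are constructed for illustration, and the function names are hypothetical.

```python
import re
from collections import Counter, defaultdict

# Constructed audit.log records for illustration; not taken from the original post.
SAMPLE_AUDIT_LOG = '''\
type=AVC msg=audit(1424993821.101:412): avc:  denied  { execute } for  pid=2817 comm="logrotate" name="DBWriter" dev="dm-0" ino=393571 scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:usr_t:s0 tclass=file
type=SYSCALL msg=audit(1424993821.101:412): arch=c000003e syscall=59 success=no exit=-13 comm="logrotate"
type=AVC msg=audit(1425080221.007:598): avc:  denied  { execute } for  pid=3102 comm="logrotate" name="DBWriter" dev="dm-0" ino=393571 scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:usr_t:s0 tclass=file
type=AVC msg=audit(1425080221.009:599): avc:  denied  { read open } for  pid=3102 comm="sh" path="/usr/local/myapp/bin/DBWriter" dev="dm-0" ino=393571 scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:usr_t:s0 tclass=file
type=AVC msg=audit(1425080300.500:601): avc:  denied  { name_connect } for  pid=911 comm="httpd" dest=5432 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:postgresql_port_t:s0 tclass=tcp_socket
'''

AVC_RE = re.compile(r"avc:\s+denied\s+\{([^}]*)\}\s+for\s+(.*)")
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def selinux_type(context):
    """Return the type field of a user:role:type[:level] security context."""
    parts = context.split(":")
    return parts[2] if len(parts) >= 3 else None

def denials_for_domain(log_text, domain):
    """Count denied (target_type, class, permission) triples for one source domain."""
    counts = Counter()
    for line in log_text.splitlines():
        m = AVC_RE.search(line)
        if not m:
            continue  # SYSCALL, PATH and other record types carry no denial
        fields = dict(FIELD_RE.findall(m.group(2)))
        if selinux_type(fields.get("scontext", "")) != domain:
            continue  # denial belongs to a different process domain
        target = selinux_type(fields.get("tcontext", ""))
        for perm in m.group(1).split():
            counts[(target, fields.get("tclass"), perm)] += 1
    return counts

def candidate_rules(counts, domain):
    """Render the denials as policy allow rules, for review before any are loaded."""
    grouped = defaultdict(set)
    for (target, tclass, perm) in counts:
        grouped[(target, tclass)].add(perm)
    return [f"allow {domain} {t}:{c} {{ {' '.join(sorted(p))} }};"
            for (t, c), p in sorted(grouped.items())]

if __name__ == "__main__":
    found = denials_for_domain(SAMPLE_AUDIT_LOG, "logrotate_t")
    for key, n in sorted(found.items()):
        print(n, *key)
    print("\n".join(candidate_rules(found, "logrotate_t")))
```

On a real host the input would be the AVC records from the audit log; the summary shows whether a narrow rule or a relabel of the script would cover the denial without relaxing the whole domain.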