On Mon, 2 Oct 2006, Evgeniy Polyakov wrote: > On Mon, Oct 02, 2006 at 10:27:13AM -0400, James Morris ([EMAIL PROTECTED]) > wrote: > > Updated version of the patch, which return directly after a flow cache > > lookup error in xfrm_lookup rather than returing via the cleanup path > > (which was causing a spurious dst_release). > > > > This works for me, although I never saw the oops with the old patch. > > > > Evgeniy, let me know if this fixes the oops you're seeing. > > With enabled selinux in enforcing mode I can not even get messages to > racoon, i.e. tcpdump sees first message of the daemon, but racoon log > (with a lot of -d) is not changed. > With permissive mode everything works fine.
I think this could be your security policy denying access (which is a strong suspicion, becuase you hit the problem easily and it requires a policy denial). Can you look in /var/log/audit/audit.log ? (especially grep for 'association' ) What version of SELinux policy are you using? i.e. $ rpm -q selinux-policy-targeted If it's not very recent, like 2.3.16-9 or better, you may need to run a yum update. - James -- James Morris <[EMAIL PROTECTED]> - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
