> There were corresponding avc messages in /var/log/messages, but would > policy matter since I am running in permissive?
Policy shouldn't matter then. > Also, if I run with > NET_XFRM disabled I wont be able to run the IPSec tests, is > that what you > are suggesting? I meant the labeled IPSec stuff introduced by the NETWORK_XFRM code. If your tests don't use labeled IPSec then you should be able to run without NETWORK_XFRM. > > I plan to run the tests against an upstream kernel to see if > there are any > discrepancies. This might be a better plan (to begin with) than excluding NETWORK_XFRM altogether. -- redhat-lspp mailing list [email protected] https://www.redhat.com/mailman/listinfo/redhat-lspp
