James Morris wrote:
On Tue, 3 Oct 2006, Eric Paris wrote:
I think there is going to need to be a policy change that I'm actually
talking with Dan about as I type this e-mail. I think we need
allow $1 unlabeled_t:packet { flow_in flow_out };
to be added to policy to allow things to work as they did. I'll post
again as soon as we have a policy that appears to let normal networking
work in enforcing.
We need this policy in rawhide before the kernel patches are merged
upstream, so we can note the required policy version associated with the
patches. We've do not want to kill Andrew Morton's box again with this
kind of thing.
- James
selinux-policy-2.3.18-2 has this policy.
--
redhat-lspp mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/redhat-lspp
