Paul, When ipsec policy is specified as: spdadd 9.3.189.57 9.3.192.210 any -ctx 1 1 "system_u:object_r:passwd_t:s3" -P out ipsec esp/transport//require ah/transport//require;
Since I specified both esp and ah protocols, racoon created 4 SAs, 2 for esp and 2 for AH. All four SAs created had the following security context: security context: root:sysadm_r:ping_t:s0-s15:c0.c1023 (A ping resulted in the SAs being created.) Hope this helps. Let me know if there is anything else I can help with. Regards, Joy -- redhat-lspp mailing list [email protected] https://www.redhat.com/mailman/listinfo/redhat-lspp
