[redhat-lspp] Re: RHEL5 Kernel with labeled networking
Linda Knippers
linda.knippers at hp.com
Tue Oct 3 16:24:10 UTC 2006
James Morris wrote:
> On Tue, 3 Oct 2006, Eric Paris wrote:
>
>
>>I think there is going to need to be a policy change that I'm actually
>>talking with Dan about as I type this e-mail. I think we need
>>
>>allow $1 unlabeled_t:packet { flow_in flow_out };
>>
>>to be added to policy to allow things to work as they did. I'll post
>>again as soon as we have a policy that appears to let normal networking
>>work in enforcing.
>
>
> We need this policy in rawhide before the kernel patches are merged
> upstream, so we can note the required policy version associated with the
> patches. We've do not want to kill Andrew Morton's box again with this
> kind of thing.
Dumb question....should compat_net be "1" by default?
-- ljk
More information about the redhat-lspp
mailing list