[redhat-lspp] Re: RHEL5 Kernel with labeled networking
James Morris
jmorris at namei.org
Tue Oct 3 16:08:35 UTC 2006
On Tue, 3 Oct 2006, Eric Paris wrote:
> I think there is going to need to be a policy change that I'm actually
> talking with Dan about as I type this e-mail. I think we need
>
> allow $1 unlabeled_t:packet { flow_in flow_out };
>
> to be added to policy to allow things to work as they did. I'll post
> again as soon as we have a policy that appears to let normal networking
> work in enforcing.
We need this policy in rawhide before the kernel patches are merged
upstream, so we can note the required policy version associated with the
patches. We've do not want to kill Andrew Morton's box again with this
kind of thing.
- James
--
James Morris
<jmorris at namei.org>
More information about the redhat-lspp
mailing list