On Thu, 2007-03-29 at 12:35 -0400, James Morris wrote: > On Thu, 29 Mar 2007, Eric Paris wrote: > > > Right before FC6 we turned off CONFIG_SECURITY_NETWORK_XFRM since there > > was a lot of development still going on in that areas especially > > concerning secid reconciliation between that and secmark. The > > reconciliation work was killed upstream and XFRM labeling has been > > worked on upstream and has been tested by the LSPP group for quite some > > time now with success. > > > > I'd like to get both of them turned back on so Fedora users can make use > > of xfrm labeled networking. > > I definitely think it needs to be enabled, and I don't think it should > impact any normal users (you need to specially configure ipsec for > anything to happen). > > Do we have the userland patches for racoon etc. in Fedora ? I just checked and the rawhide ipsec tools appear to have all of the patches the could be needed for labeled net to work. I see no reason this couldn't be turned on in both FC6 and devel. -Eric _______________________________________________ Fedora-kernel-list mailing list Fedora-kernel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-kernel-list
