> There is a libcap-ng package fix that broke it, I believe it is being > reverted for now, and we are working to figure out a proper fix to make > SELinux Sandbox and libcap-ng play well together. I just saw that it has NOT been reverted and it was even pushed to stable! Now that it is in stable already I guess my comment here is not useful anymore: https://admin.fedoraproject.org/updates/FEDORA-2014-5589/libcap-ng-0.7.4-1.fc20?_csrf_token=8724ee7864f9a0885e688d077b550af93950db3e Should I file a bug against the selinux or the libcap-ng part? As a workaround I downgraded and added the following line to my yum.conf: exclude=libcap-ng* I find it quite sad that no one seems to care about the broken sandbox functionality at all. -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
