On Monday 28 January 2008 7:32:30 am Stephen Smalley wrote:
> On Fri, 2008-01-25 at 14:17 -0500, Stephen Smalley wrote:
> > On Fri, 2008-01-25 at 14:24 +0900, Kohei KaiGai wrote:
> > > When I tested labeled ipsec, racoon got dead with the following
> > > messages: (I added some line break for reader's comfortable)
> > >
> > > | type=AVC msg=audit(1201052881.758:783): avc: denied { read }
> > > | for pid=26854 comm="racoon" name="net" dev=proc
> > > | ino=4026531867 scontext=root:system_r:racoon_t:s0
> > > | tcontext=system_u:object_r:proc_t:s0 tclass=dir
> >
> > That one is a kernel bug (in 2.6.24). Should have a fix soon -
> > patch is being reviewed.
>
> Fix upstreamed,
> http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=b1aa5301b9f88a4891061650c591fb8fe1c1

This got pushed to -stable too, right?

--
paul moore
linux security @ hp