>I agree with everything that you've mentioned above, the only problem
>being that my brindle_client and brindle_server modules didn't call the
>ipsec_labeled interface. That's why I'm confused as to why it is
>working. It shouldn't be working.

It's been a while and I don't have the policy in front of me, so others may be better able to answer this... The base reference policy (when using mls) contains this rule. It has a rule, ipsec_labeled(domain).

regards,
Joy