On 2/26/08, paul.moore@xxxxxx <paul.moore@xxxxxx> wrote: > It is important to note that > while this patchset adds the permissions required it doesn't enable the > "network_peer_controls" policy capability. Darn it, I'm trying to play with a new capability for something I'm writing and I just read this whole patch set (before i read 0/5) to see where you decided to define it so I could copy that in my policy. Thanks for not doing the one thing I was hunting for! So, does anyone have a good idea suggestions where we should turn on/off these new capabilities? I know it has to be in the base module in the end, but I don't know what file to put them in. I might just throw it in kernel.te for now for me to keep testing but I assume we are going to want all of these definitions in one place? Are we going to want them all over as long as they end up being built into base? -Eric -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
