Quoting Stephen Smalley (sds@xxxxxxxxxxxxxx): > > On Mon, 2008-07-07 at 13:42 -0500, Serge E. Hallyn wrote: > > It looks like unconfined_t is not granted setfcap capability. So > > when running ltp as unconfined_t, the file capabilities test fails. > > I'm just wondering what the right answer is: > > > > 1. require running ltp as an administrative type > > 2. give ltp a custom policy module to create an ltp_t > > 3. give setfcap to unconfined_t > > unconfined_t should have all capabilities already. > Policy version? Hmm yeah, I see that in the reference policy... I've not had the chance to test it myself. David had found this on his Fedora 9 machine. David, what policy version? -serge -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
