That last part should have read
Maybe if CAP_FS_MASK_B1 was like this it would work.
# define CAP_FS_MASK_B1 (CAP_TO_MASK(CAP_MAC_OVERRIDE) \
| CAP_TO_MASK(CAP_MAC_ADMIN))
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
