...but the new network permission checks will not be applied until/unless you configure secmark or labeled networking. Or set the always_check_network policy capability to 1 for secmark, if your kernel supports that.
Seems I have no such capability. My /sys/fs/selinux/policy_capabilities/ contains only two files:
network_peer_controls open_perms -- Stepan G. Fedorov <StFedorov@xxxxxxxxx> Tel: +7-965-750-91-91 _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
