Is there any IPsec-Tools policy available in FC2?
Park Lee
parklee_sel at yahoo.com
Thu Jan 13 11:12:13 UTC 2005
On Wed, 12 Jan 2005 at 21:08, Petre Rodan wrote:
> latest Gentoo policies can be found here:
>
>
http://dev.gentoo.org/~kaiowas/policy/gentoo/domains/program/ipsec.te
>
http://dev.gentoo.org/~kaiowas/policy/gentoo/file_contexts/program/ipsec.fc
>
> net_contexts should also contain:
> ifdef(`ipsec.te', `portcon udp 500
system_u:object_r:isakmp_port_t')
I've made some modifications in the ipsec.te and
ipsec.fc you mentioned above.and put them into the
proper location in Fedora Core 2.
When I ran 'make load' in src/policy directory.
There came a WARNING as following:
... ...
/usr/bin/checkpolicy: loading policy configuration
from policy.conf
domains/program/ipsec.te:63:WARNING 'conflicting rule
for (sysadm_locate_t, setkey_exec_t:process): default
was setkey_t, is now sysadm_setkey_t' at token ';'
on line 120846:
#line 63
type_transition sysadm_t setkey_exec_t:process
sysadm_setkey_t;
... ...
Why did it bring out such a WARNING?
Is there a method to solve it?
Thank you.
=====
Best Regards,
Park Lee
__________________________________
Do you Yahoo!?
The all-new My Yahoo! - What will yours do?
http://my.yahoo.com
More information about the fedora-selinux-list
mailing list