Hi, Is there a IPsec-Tools [1] (i.e. racoon, setkey) policy made for SELinux in Fedora Core 2 ?
Thank you.
[1] http://ipsec-tools.sourceforge.net/
===== Best Regards, Park Lee
__________________________________ Do you Yahoo!? The all-new My Yahoo! - What will yours do? http://my.yahoo.com
On Wed, 2005-01-12 at 05:32, Park Lee wrote:
Hi, Is there a IPsec-Tools [1] (i.e. racoon, setkey) policy made for SELinux in Fedora Core 2 ?
Thank you.
Petre posted a racoon policy to the selinux list on Oct 25th, see the mailing list archives. There is also an older ipsec policy already in the policy tree. Note btw that you should be running FC3 rather than FC2 if using SELinux; FC2 is deprecated for SELinux users.
Hi,
Park Lee wrote:
Hi, Is there a IPsec-Tools [1] (i.e. racoon, setkey) policy made for SELinux in Fedora Core 2 ?
latest Gentoo policies can be found here:
http://dev.gentoo.org/~kaiowas/policy/gentoo/domains/program/ipsec.te http://dev.gentoo.org/~kaiowas/policy/gentoo/file_contexts/program/ipsec.fc
net_contexts should also contain: ifdef(`ipsec.te', `portcon udp 500 system_u:object_r:isakmp_port_t')
if you tweak the file contexts for Fedora, please also send us the changes.
bye, peter
Thank you.
[1] http://ipsec-tools.sourceforge.net/
===== Best Regards, Park Lee
-- petre rodan kaiowas@gentoo.org Developer, Hardened Gentoo Linux
On Wed, 12 Jan 2005 at 21:08, petre rodan wrote:
Park Lee wrote:
Hi, Is there a IPsec-Tools [1] (i.e. racoon, setkey) policy made for SELinux in Fedora Core 2 ?
latest Gentoo policies can be found here: http://dev.gentoo.org/~kaiowas/policy/gentoo/domains/ program/ipsec.te http://dev.gentoo.org/~kaiowas/policy/gentoo/file_con texts/program/ipsec.fc
net_contexts should also contain: ifdef(`ipsec.te', `portcon udp 500 system_u:object_r:isakmp_port_t')
if you tweak the file contexts for Fedora, please also send us the changes.
I'll try to transform these policies into Fedora Core.
But, I'm not familiar with Gentoo. Would you please tell me what the main difference between the two is? and Is there anything else we should take care of in order to do the job?
Thanks.
===== Best Regards, Park Lee
__________________________________ Do you Yahoo!? Yahoo! Mail - You care about security. So do we. http://promotions.yahoo.com/new_mail
selinux@lists.fedoraproject.org