--- Paul Moore <[EMAIL PROTECTED]> wrote:
> > > Also, any reason why you don't just use the NetLabel default domain > > > mapping? > > > > Uh, only that I couldn't figure out how to go about doing so. If it > > simplifies (there's that word again) things I'm all for it. I would > > be happy to have my ignorance dispelled. > > Two things: > > 1. change "ndmp->domain = SMACK_CIPSO_DOMAIN_NAME" to "ndmp->domain = NULL" > 2. change "netlbl_domhsh_add()" to "netlbl_domhsh_add_default()" > > If you want to get really nitpicky the second step is optional, but I'd > prefer > you use it in case we ever need to do something radically different for the > default NetLabel domain mapping (it's really easy as they take the same > arguments in the same order, just change the function name). I gave these changes a try. netlbl_domhsh_add_default() returns -EEXIST and packets are not getting labeled. Is it possible that the default domain has to be cached? Casey Schaufler [EMAIL PROTECTED] - To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html