On Fri, 12 May 2017, Richard Haines wrote:
Replace the SELinux avc_* calls with selinux_check_access(3) that
combines all those services, plus:
Checks if SELinux enabled.
Supports reordering of classes/permissions at runtime.
Handles unknown classes/permissions (allow|deny|reject).
Requires libselinux 2.1.9 or greater.
Thanks for the patch. Since rhel6 still uses 2.0.94, I think we'll have
to do some additional checking to see if we can use
selinux_check_access() or need to use the old method.
Paul
_______________________________________________
Swan-dev mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan-dev
