[Swan-commit] Changes to ref refs/heads/main
Andrew Cagney
cagney at vault.libreswan.fi
Tue Nov 9 03:31:24 EET 2021
New commits:
commit e8f148e9309d1eb735d24991b6208f9b3c9a9b20
Author: Andrew Cagney <cagney at gnu.org>
Date: Mon Nov 8 20:24:34 2021 -0500
kernel: in shunt_policy(), use specify the template's sec_label
... and not the connection's sec_label (which for the template
was null). Fixes an error when deleting the sec_label's policy
(which is tied to the template).
Believed to also fix this error:
denied { polmatch } ... scontext=system_u:object_r:unlabeled_t:s0 ...
tcontext=system_u:object_r:ipsec_spd_t:s0
as it seems system_u:object_r:unlabeled_t:s0 is what you get when
sec_label isn't fed into the kernel.
fix #489.
More information about the Swan-commit
mailing list