[Swan-dev] [PATCH] pluto: Update pluto to support selinux_check_access(3).
paul at nohats.ca
Fri May 12 15:57:28 UTC 2017
On Fri, 12 May 2017, Richard Haines wrote:
> Replace the SELinux avc_* calls with selinux_check_access(3) that
> combines all those services, plus:
> Checks if SELinux enabled.
> Supports reordering of classes/permissions at runtime.
> Handles unknown classes/permissions (allow|deny|reject).
> Requires libselinux 2.1.9 or greater.
Thanks for the patch. Since rhel6 still uses 2.0.94, I think we'll have
to do some additional checking to see if we can use
selinux_check_access() or need to use the old method.
More information about the Swan-dev