[Swan-dev] if [ -f /sbin/ausearch ]; then ausearch -r -m avc -ts recent ; fi
Wewegama, Kavinda
Kavinda.Wewegama at forcepoint.com
Sat Apr 17 00:34:21 UTC 2021
There is one small oustanding change I made to generate SELinux reference policy from AVC errors (https://github.com/libreswan/libreswan/pull/420). This was very useful when I was fixing SELinux tests in the past.
-Kavinda
> -----Original Message-----
> From: Paul Wouters <paul at nohats.ca>
> Sent: Thursday, April 15, 2021 11:52 AM
> To: Wewegama, Kavinda <Kavinda.Wewegama at forcepoint.com>
> Cc: Andrew Cagney <andrew.cagney at gmail.com>; Libreswan Development
> List <swan-dev at lists.libreswan.org>
> Subject: EXTERNAL: RE: Re: RE: Re: [Swan-dev] if [ -f /sbin/ausearch ]; then
> ausearch -r -m avc -ts recent ; fi
>
> On Thu, 15 Apr 2021, Wewegama, Kavinda wrote:
>
> > Looks like the test was failing due to missing `ausearch` related
> > output. I have updated it:
> > https://github.com/libreswan/libreswan/pull/420
>
> I've fixed up these tests over the last few days already.
>
> The only real failure is the 04 tests that test for failure when 1 side is not
> using labels and the other is. That is still failing by successfully establishing the
> connection when it should not.
>
> Paul
More information about the Swan-dev
mailing list