[prev in list] [next in list] [prev in thread] [next in thread]
List: linux-netdev
Subject: Re: Is TCP over IPsec broken in 2.6.18?
From: James Morris <jmorris () namei ! org>
Date: 2006-09-30 14:44:31
Message-ID: Pine.LNX.4.64.0609301044090.26813 () d ! namei
[Download RAW message or body]
On Sat, 30 Sep 2006, Evgeniy Polyakov wrote:
> On Sat, Sep 30, 2006 at 10:36:29AM -0400, James Morris (jmorris@namei.org) wrote:
> > On Sat, 30 Sep 2006, Evgeniy Polyakov wrote:
> >
> > > I need to cofirm that broken system in my setup does have selinux enabled
> > > with enforcing mode.
> > > I've changed it to permissive mode and it fixed setup (I do not see any
> > > warnings in dmesg).
> >
> > Something better in your case would likely be to rebuild the kernel with
> > CONFIG_SECURITY_NETWORK_XFRM=n until it's fixed.
>
> Well, it is acrypto test machine and I do not care about security there,
> so I can even disable selinux completely, but it will not help to resolve
> the issue, right?
Yes, it is a workaround.
>
> So if you have some patches I'm more than happy to test them.
Ok, coming soon.
--
James Morris
<jmorris@namei.org>
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic