Bug 210032
Summary: | [labeled networking] correct netlabel secid for packets without a known label | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 5 | Reporter: | Eric Paris <eparis> |
Component: | kernel | Assignee: | Eric Paris <eparis> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Brian Brock <bbrock> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 5.0 | CC: | jturner, paul.moore |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | 5.0.0 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2007-02-19 18:04:16 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 208884 |
Description
Eric Paris
2006-10-09 16:57:58 UTC
in kernel-2.6.18-1.2725.el5 *** Bug 209555 has been marked as a duplicate of this bug. *** I think something may have been lost in translation, NetLabel should be using SECINITSID_UNLABELED not SECINITSID_NETMSG; at least this is what the patches accepted for 2.6.19 change (as well as the patches for RHEL5 I believe, I just wanted to clarify this BZ entry). Has someone verified the right thing is happening in the latest RHEL5 code? There's no patch attached to this bug and no testing results so I'm not really sure where we stand. There is no way to determine from a running system if the patch is applied or not as both SECINITSID_UNLABELED and SECINITSID_NETMSG have the same SELinux context in all of the SELinux policies that are in RHEL5. The kernel source must be verified to ensure the patch has been applied. A pointer to the patch can be found in BZ 209555. Patch confirmed with 2.6.18-8.el5. |