From: sven.vermeulen@siphos.be (Sven Vermeulen)
Date: Fri, 3 May 2013 14:02:49 +0200
Subject: [refpolicy] [PATCH/RFC 2/2] Add minidlna policy
In-Reply-To: <1367564909.27309.49.camel@d30>
References: <20130501183657.GA25116@siphos.be>
	<20130501183845.GC25116@siphos.be> <1367509285.27309.34.camel@d30>
	<20130502192347.GA25444@siphos.be> <1367524372.27309.45.camel@d30>
	<1367564909.27309.49.camel@d30>
Message-ID: <CAPzO=Nz9miq3Je8BqiLYF6W8AyfjLNL57NELumjyE5De8wCaPA@mail.gmail.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On May 3, 2013 9:08 AM, "Dominick Grift" <dominick.grift@gmail.com> wrote:
> Looks like compat_net support may have been completely removed:
>
> http://lists.openwall.net/netdev/2009/03/27/144

Now i'm completely lost. Does that mean that the "old", non-labeled
approach is not used anymore? I could've sworn that node_t and netif_t were
still used.

> i think we need more and better, practical examples of how to use
> secmark and how secmark can be configured to match the old compat_net
> functionality
>
> There is one nice how to by Dan Walsh on Linux.com, but other than that
> documentation is lacking in my view

Ack. And also how the default behavior is if no secmark/labeling is used...
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://oss.tresys.com/pipermail/refpolicy/attachments/20130503/60918c90/attachment.html