[fedora-arm] SELinux on F11 on ARM (in QEMU)?
Per Nystrom
pnystrom at netmagic.net
Fri Oct 23 17:24:44 UTC 2009
On Fri, 2009-10-23 at 12:31 -0400, Steve Grubb wrote:
> On Thu, 2009-10-22 at 21:54 -0700, Per Nystrom wrote:
>
> > But I have nothing in /dev/ except console, null, and zero so I can't
> > actually fsck root. Not that it really needs it -- when I reboot with
> > selinux=0 it comes up normally and with a clean root filesystem.
>
> I think your disk needs relabeling. You might need to do a
>
> touch /.autorelabel
I did this, but I don't think it ever gets to that point in the boot
sequence.
> and then boot with selinux=permissive. You also might be able to just do
>
> restorecon -i -r /
>
> from the maintenance mode.
I can't do anything from maintenance mode: the root filesystem is
mounted read only but its block device doesn't exist under /dev:
(Repair filesystem) 3 # df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/sda 4128320 1224236 2694320 32% /
(Repair filesystem) 4 # ls -l /dev/sda
ls: cannot access /dev/sda: No such file or directory
>
> > So I can confirm that the patch doesn't break anything if selinux is
> > disabled, but we're not quite there yet for selinux without initrd.
>
> One other question, is this ext3 and it has ACL enabled, too?
>
> CONFIG_EXT3_FS_XATTR=y
> CONFIG_EXT3_FS_POSIX_ACL=y
> CONFIG_EXT3_FS_SECURITY=y
Actually I'm on EXT2 right now but could easily change it to ext3. Here
are the relative bits from my kernel .config:
egrep "(FS_XATTR|FS_POSIX_ACL|
FS_SECURITY)" /var/tmp/linux-2.6.31.4/.config
CONFIG_EXT2_FS_XATTR=y
CONFIG_EXT2_FS_POSIX_ACL=y
CONFIG_EXT2_FS_SECURITY=y
CONFIG_EXT3_FS_XATTR=y
CONFIG_EXT3_FS_POSIX_ACL=y
CONFIG_EXT3_FS_SECURITY=y
CONFIG_EXT4_FS_XATTR=y
CONFIG_EXT4_FS_POSIX_ACL=y
CONFIG_EXT4_FS_SECURITY=y
CONFIG_FS_POSIX_ACL=y
CONFIG_TMPFS_POSIX_ACL=y
# CONFIG_JFFS2_FS_XATTR is not set
-Per
More information about the arm
mailing list