[fedora-arm] SELinux on F11 on ARM (in QEMU)?
Steve Grubb
sgrubb at redhat.com
Fri Oct 23 16:31:45 UTC 2009
On Thu, 2009-10-22 at 21:54 -0700, Per Nystrom wrote:
> But now I get a whole lot of messages like below during boot and then it
> comes up in maintenance mode. From within maintenance mode I can do
> this:
>
> (Repair filesystem) 1 # sestatus
> SELinux status: enabled
> SELinuxfs mount: /selinux
> Current mode: permissive
> Mode from config file: permissive
> Policy version: 24
> Policy from config file: targeted
This is looking better. This means policy is loaded.
> But I have nothing in /dev/ except console, null, and zero so I can't
> actually fsck root. Not that it really needs it -- when I reboot with
> selinux=0 it comes up normally and with a clean root filesystem.
I think your disk needs relabeling. You might need to do a
touch /.autorelabel
and then boot with selinux=permissive. You also might be able to just do
restorecon -i -r /
from the maintenance mode.
> So I can confirm that the patch doesn't break anything if selinux is
> disabled, but we're not quite there yet for selinux without initrd.
One other question, is this ext3 and it has ACL enabled, too?
CONFIG_EXT3_FS_XATTR=y
CONFIG_EXT3_FS_POSIX_ACL=y
CONFIG_EXT3_FS_SECURITY=y
-Steve
More information about the fedora-arm
mailing list