We are building an embedded system where the customer is requiring SELinux. It is our own hardware so we build our own kernel and drivers and use the ext2, jfs and tempfs file systems. This is not new for us, but incorporating SELinux is.
Does anyone know of a good knowledge resource for building embedded systems with SELinux?
We are currently plowing through a frustrating step ahead/step back process. We have SELinux running but it seems to be broken, for example one of our problems is that ls -Z shows "?" for SELinux file contexts:
root@generic-powerpc:/#getfattr -m . -d var
# file: var
security.selinux="system_u:object_r:var_t"
root@generic-powerpc:/# ls -Z
? bin ? boot ? dev ? etc ? home ? lib ?lost+found ? media ? mnt ? proc ? sbin ?selinux ? share ? sys ? tmp ? usr ? var ?www
We were unsuccessful building policies on any of our development systems (Ubuntu/Debian based) but we are now using a Fedora 19 system and that is looking promising.
Any pointers or help would be appreciated.
Don HoeferWe are currently plowing through a frustrating step ahead/step back process. We have SELinux running but it seems to be broken, for example one of our problems is that ls -Z shows "?" for SELinux file contexts:
root@generic-powerpc:/#getfattr -m . -d var
# file: var
security.selinux="system_u:object_r:var_t"
root@generic-powerpc:/# ls -Z
? bin ? boot ? dev ? etc ? home ? lib ?lost+found ? media ? mnt ? proc ? sbin ?selinux ? share ? sys ? tmp ? usr ? var ?www
We were unsuccessful building policies on any of our development systems (Ubuntu/Debian based) but we are now using a Fedora 19 system and that is looking promising.
Any pointers or help would be appreciated.
-- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux