On Fri, 2018-02-02 at 11:01 +0000, sajjad ahmed wrote: > Hi, > > Can SELinux enable Linux boot/operate with read-only rootfs? I'm > working on an IoT project and read-only rootfs is a security > constraint and SELinux enabled image is unable to properly > boot/operate in this environment. Is this SELinux limitation, or we > can fix this with proper mount configurations. It should be possible to make this work. Android for example operates with SELinux and a read-only rootfs, although it has a very different userspace and policy layout. What exactly is the problem you are encountering with SELinux and a read-only rootfs? You should only have a problem if you are trying to make a change to the policy or the rootfs labels at runtime (as opposed to setting them all up at image build and having them remain static at runtime). _______________________________________________ selinux mailing list -- selinux@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to selinux-leave@xxxxxxxxxxxxxxxxxxxxxxx
