On Wed, 2011-11-16 at 19:15 +0100, Bhargava Shastry wrote: > Hi again, > > I am trying to set/get file SELinux contexts using the set/getfilecon > programs. I added debug prints in the kernel to track code flow. I > notice that although setfilecon succeeds on a given file, a subsequent > call to getfilecon on the same file returns the string "kernel" > irrespective of the context that was set using setfilecon. On any > other file whose context is not set yet, getfilecon properly returns > the string "unlabeled" > > I suspect the inode struct in the kernel is not being updated properly > after a setxattr call. Has anyone else faced a similar problem? I am > working on Android's Nexus one phone. - Do you have a policy loaded (requires patching init to load the policy)? - Do you have yaffs xattr support enabled in your kernel (CONFIG_YAFFS_XATTR=y)? - Do you have the two patches for yaffs that I posted (one of which they did take, the other they ignored)? http://www.aleph1.co.uk/lurker/message/20110412.193746.891b5e18.en.html http://www.aleph1.co.uk/lurker/message/20110413.203654.65d7ee58.en.html -- Stephen Smalley National Security Agency -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
