Hello, I’m working on a project using a selinux reference policy on an embedded system. The device uses a squashfs file system that is labeled during build time. During the build, policy file labels are applied using Pseudo and setfiles with an alternate root path specified. Using a Fedora system it is possible to mount the squashfs file and confirm the file labels are correct. When checked on target system the squashfs files are incorrect, but ram disk files are correct. All squashfs files are system_u:object_r:unlabeled_t The kernel .config values for squsahfs and selinux here here CONFIG_SQUASHFS=y CONFIG_SQUASHFS_XATTR=y CONFIG_SQUASHFS_ZLIB=y CONFIG_SQUASHFS_LZO=y CONFIG_SQUASHFS_XZ=y # CONFIG_SQUASHFS_4K_DEVBLK_SIZE is not set CONFIG_SQUASHFS_EMBEDDED=y CONFIG_SQUASHFS_FRAGMENT_CACHE_SIZE=10 CONFIG_SECURITY_SELINUX=y CONFIG_SECURITY_SELINUX_BOOTPARAM=y CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE=1 CONFIG_SECURITY_SELINUX_DISABLE=y CONFIG_SECURITY_SELINUX_DEVELOP=y CONFIG_SECURITY_SELINUX_AVC_STATS=y CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=1 CONFIG_SECURITY_SELINUX_POLICYDB_VERSION_MAX=n # CONFIG_SECURITY_SELINUX_POLICYDB_VERSION_MAX is not set Has anyone else run into this problem? Any suggestions on what may be wrong? Regards, josh |
_______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
