Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Gentoo: Hardened
Re: Setting filesystem labels for SELinux fails 		 

Index | Next | Previous | View Flat


tom.petri at googlemail

Mar 18, 2012, 4:27 AM


Views: 455
Permalink
Re: Setting filesystem labels for SELinux fails [In reply to]
On Sun, Mar 18, 2012 at 11:36 AM, Sven Vermeulen <swift [at] gentoo> wrote:
> On Sun, Mar 18, 2012 at 10:36:53AM +0100, Tom Petri wrote:
>> Yes, extended attributes along with security labels are activated.
>>
>> # attr -s test -V test /var && attr -r test /var
>> Attribute "test" set to a 4 byte value for /var: test
>>
>> I should probably tell how I proceeded during the installation:
>> 1. created the filesystems (as usual)
>> 2. got a hardened stage3 tarball and portage
>> 3. portage sync, re-emerge portage, created a hardened-sources kernel,
>> booted up.
>> 4. emerge policys (checkpolicy, policycoreutils, selinux-base-policy [-selinux])
>> 5. emerge -uDN world
>> 6. reboot and tried rlpkg -a -r
>
> Did the setfiles commands (mentioned in the installation instructions before
> the "rlpkg -a -r") succeed, or did they give the same error?
>
> Wkr,
>        Sven Vermeulen
>
>
>
Yes, I got the same errors then:
# setfiles -r /mnt/gentoo
/etc/selinux/strict/contexts/files/file_contexts /mnt/gentoo/dev
setfiles set context /mnt/gentoo/dev->system_u:object_r:device_t
failed:'Operation not supported'
# setfiles -r /mnt/gentoo
/etc/selinux/strict/contexts/files/file_contexts /mnt/gentoo/lib
setfiles set context /mnt/gentoo/lib->system_u:object_r:lib_t
failed:'Operation not supported'

Subject User Time
Setting filesystem labels for SELinux fails tom.petri at googlemail Mar 17, 2012, 2:28 PM
    Re: Setting filesystem labels for SELinux fails swift at gentoo Mar 18, 2012, 1:55 AM
        Re: Setting filesystem labels for SELinux fails tom.petri at googlemail Mar 18, 2012, 2:36 AM
    Re: Setting filesystem labels for SELinux fails swift at gentoo Mar 18, 2012, 3:36 AM
        Re: Setting filesystem labels for SELinux fails tom.petri at googlemail Mar 18, 2012, 4:27 AM
    Re: Setting filesystem labels for SELinux fails tom.petri at googlemail Mar 20, 2012, 12:32 PM
    Re: Setting filesystem labels for SELinux fails tom.petri at googlemail Mar 21, 2012, 8:40 AM
    Re: Setting filesystem labels for SELinux fails swift at gentoo Mar 22, 2012, 8:49 AM

  Index | Next | Previous | View Flat
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.