On Fri, Jul 19, 2013 at 11:22 AM, Janosch Maier <jma...@zertisa.com> wrote: > For now I am only trying to get the core SELinux features running. As > they are merged to AOSP, I expected the core functionality to be in the > CyanogenMod master branch as well.
Most of the SE for Android patches have recently (yesterday) been pushed into CM master: http://review.cyanogenmod.org/#/q/owner:%22Ricardo+Cerqueira%22+status:merged,p,00267cd30000b27d When did you last sync? Also, did you build with HAVE_SELINUX=true? > > When I create a kernel with SELinux enabled, I get a behaviour, that is > not conclusive for me: > > Running getenforce, I get the answer: > > # getenforce > getenforce: no such tool > > ls gives its usual output: > # ls -Z > drwxr-xr-x root root - acct > drwxrwx--x system cache - cache > ... > > ps shows, that there is some SELinux labeling > # ps -Z > LABEL USER PID PPID NAME > kernel root 1 0 /init > kernel root 2 0 kthreadd > ... > > Any hint, what I am missing and why ps shows some labeling, and ls does not. > > Am 19.06.2013 17:07, schrieb Joshua Brindle: >> On Wed, Jun 19, 2013 at 10:43 AM, Janosch Maier <jma...@zertisa.com> wrote: >>> Is it currently possible to include SEAndroid in other Android Systems >>> than AOSP. I would like to create a CyanogenMod ROM with SEAndroid. >>> >> >> There is no reason it isn't possible. Try this: >> >> cd cyanogenmod/frameworks/base >> git remote add seandroid https://bitbucket.org/seandroid/frameworks-base >> git fetch seandroid >> repo start cm-merged-seandroid . >> git merge seandroid/seandroid-4.2.2 >> >> You'd need to do that for every repo in the seandroid >> local_manifests.xml file. However, just because you have all the >> seandroid code merged in *does not* mean you'll be able to run in >> enforcing on every device. Further modifications are necessary to the >> init scripts for each device you want to support and policy >> modifications will need to be made for device differences (mostly >> labeling, rules for stuff in /dev and device specific daemons). >> > > > -- > This message was distributed to subscribers of the seandroid-list mailing > list. > If you no longer wish to subscribe, send mail to majord...@tycho.nsa.gov with > the words "unsubscribe seandroid-list" without quotes as the message. -- This message was distributed to subscribers of the seandroid-list mailing list. If you no longer wish to subscribe, send mail to majord...@tycho.nsa.gov with the words "unsubscribe seandroid-list" without quotes as the message.
