I needed to make a clean build after the repo sync. The CM build mechanism did not update every required userspace tool after (only) enabling the flag.
Thanks for the hints! Am 19.07.2013 17:30, schrieb Stephen Smalley: > On 07/19/2013 11:22 AM, Janosch Maier wrote: >> For now I am only trying to get the core SELinux features running. As >> they are merged to AOSP, I expected the core functionality to be in the >> CyanogenMod master branch as well. >> >> When I create a kernel with SELinux enabled, I get a behaviour, that is >> not conclusive for me: >> >> Running getenforce, I get the answer: >> >> # getenforce >> getenforce: no such tool >> >> ls gives its usual output: >> # ls -Z >> drwxr-xr-x root root - acct >> drwxrwx--x system cache - cache >> ... >> >> ps shows, that there is some SELinux labeling >> # ps -Z >> LABEL USER PID PPID NAME >> kernel root 1 0 /init >> kernel root 2 0 kthreadd >> ... >> >> Any hint, what I am missing and why ps shows some labeling, and ls >> does not. > > This indicates that your userspace wasn't built with HAVE_SELINUX=true. > That is necessary for 4.2 and older. CyanogenMod is on 4.2 IIUC. > > BTW, there has been activity lately on CyanogenMod to enable SELinux > support, c.f. > http://www.androidauthority.com/selinux-cyanogenmod-243988/ > > > > > > > > -- This message was distributed to subscribers of the seandroid-list mailing list. If you no longer wish to subscribe, send mail to majord...@tycho.nsa.gov with the words "unsubscribe seandroid-list" without quotes as the message.
