Hi ,
I'm using Poky (Warrior), with busybox (aiming at a lightweight system).
Recently, added SELinux to my project (by adding "packagegroup-core-selinux" to
my local.conf, with mls policy).
Booted with "selinux=1 enforing=0".
The auto-relabeling reported an error, since the root is mounted RO.
So, patched slelinux-autorelabel script to mount "/" RW before relabeling.
Booted again.
This time, selinux-init had the same issue ( / mounted RO).
Patched this one as well, but the system keeps rebooting:
It seems that the init process keeps it's kernel_t context, which forces
re-labeling, reboot and so on…. (per the selinux-init script)
Q1: Is SELinux+busybox a valid combination, or should I switch to systemd?
Q2: Which context should the init process end up as?
BTW – the build of "core-image-selinux" fails, with the following error
Copying files into the device: set_inode_xattr: No data available while
reading attribute "security.selinux" of "network"
Any idea?
Thanks,
Yair
--
___
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto