[meta-freescale] Cannot enable selinux with imx6ULL. Why?
Otavio Salvador
otavio.salvador at ossystems.com.br
Sat Oct 27 11:10:06 PDT 2018
On Sun, Oct 21, 2018 at 7:52 AM Stefano Cappa
<stefano.cappa.ks89 at gmail.com> wrote:
> I'm on Sumo branch with the latest linux-imx (no -fscl) and I'm using the official NXP imx6 evk board.
>
> I'm trying meta-selinux (I'm absolutely a noob with selinux, I'm still experimenting and studying it :)) but I'm getting this error running "fixfiles -f -F relabel":
>
> Cleaning out /tmp
> fixfiles: No suitable file systems found
> Cleaning up labels on /tmp
> secon: SELinux is not enabled
> cat: /initial_contexts/unlabeled: No such file or directory
>
> I wrote to one of the authors of meta-selinux and he said:
>
> You need to make sure that the filesystem in use has extendded attributes
> enabled. A lot of silicon vendor versions have this disabled, or use a
> filesystem where it's not supported.
> ext*fs, xfs, etc usually support it, with the right kernel configuration.
>
> So, I added xattr to the DISTRO_FEATURES_append in my local.conf, but I'm still having the same error.
> And running 'mount' I get this:
> /dev/<mynamehere> / type ext4 (rw,relatime,data=ordered)
>
> What I'm missing?
> Also, does imx6ULL supports meta-selinux? Or are there some limitations about kernel that block me to activate selinux?
You need to enable the needed features on the kernel config. You
likely need to make a new layer to store the changes you will do and
modify the defconfig accordingly.
--
Otavio Salvador O.S. Systems
http://www.ossystems.com.br http://code.ossystems.com.br
Mobile: +55 (53) 9 9981-7854 Mobile: +1 (347) 903-9750
More information about the meta-freescale
mailing list