[yocto] [meta-selinux][PATCH 04/21] libsemanage: uprev to 2.7 (20170804)
Mark Hatle
mark.hatle at windriver.com
Wed Sep 13 17:07:20 PDT 2017
On 9/12/17 9:19 PM, Mark Hatle wrote:
> On 9/12/17 9:06 PM, wenzong fan wrote:
>> On 09/12/2017 06:59 PM, Chanho Park wrote:
>>> Hi,
>>>
>>> I can't apply this patch on top of the master branch. Which revision did
>>> you make the patches?
>>
>> Oops, that's my fault. I did a "sed -i -e 's/Subject: [/Subject:
>> [meta-selinux][/g' 00*" to add prefix for mail subjects, that also
>> changed the removed patch files in libsemanage.
>>
>> I'll send v2.
>>
>> Thanks
>> Wenzong
>
> I don't see the original set of patches in my archives. When you rebase, please
> rebase on top of mgh/master-next.
My mailer finally loaded the original set. I saw the same problems, but was
able to get them merged.
I have updated 'mgh/master-next'. Please verify the contents include all of
your changes.
I tried to build a system and boot it, but it didn't work. I'm guessing I
forgot something simple, but I can't make master-next into master without
knowing I can boot.. Any clue would be useful. Thanks!
My configuration is:
bblayers.conf:
oe-core (master) & meta-selinux (mgh/master-next)
local.conf:
IMAGE_FEATURES_append = " debug-tweaks ssh-server-openssh"
DISTRO_FEATURES_append = " opengl x11 wayland acl xattr pam selinux"
PREFERRED_PROVIDER_virtual/refpolicy = "refpolicy-mls"
PREFERRED_VERSION_refpolicy-mls = "2.20170204"
I ran QEMU using:
runqemu qemux86 core-image-selinux ext4 nographic
Trying to login I get:
qemux86 login: root
[ 23.960609] kauditd_printk_skb: 13 callbacks suppressed
Cannot execute /bin/sh: Permission denied
[ 23.973922] audit: type=1400 audit(1505347190.805:29): avc: denied {
execute } for pid=671 comm="login" name="bash.bash" dev="vda" ino=8163
scontext=system_u:system_r:local_login_t:s0-s15:c0.c1023
tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=0
[ 23.975463] audit: type=1400 audit(1505347190.813:30): avc: denied {
execute } for pid=671 comm="login" name="bash.bash" dev="vda" ino=8163
scontext=system_u:system_r:local_login_t:s0-s15:c0.c1023
tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=0
> --Mark
>
More information about the yocto
mailing list