| 1 |
On Sun, Mar 18, 2012 at 11:36 AM, Sven Vermeulen <swift@g.o> wrote: |
| 2 |
> On Sun, Mar 18, 2012 at 10:36:53AM +0100, Tom Petri wrote: |
| 3 |
>> Yes, extended attributes along with security labels are activated. |
| 4 |
>> |
| 5 |
>> # attr -s test -V test /var && attr -r test /var |
| 6 |
>> Attribute "test" set to a 4 byte value for /var: test |
| 7 |
>> |
| 8 |
>> I should probably tell how I proceeded during the installation: |
| 9 |
>> 1. created the filesystems (as usual) |
| 10 |
>> 2. got a hardened stage3 tarball and portage |
| 11 |
>> 3. portage sync, re-emerge portage, created a hardened-sources kernel, |
| 12 |
>> booted up. |
| 13 |
>> 4. emerge policys (checkpolicy, policycoreutils, selinux-base-policy [-selinux]) |
| 14 |
>> 5. emerge -uDN world |
| 15 |
>> 6. reboot and tried rlpkg -a -r |
| 16 |
> |
| 17 |
> Did the setfiles commands (mentioned in the installation instructions before |
| 18 |
> the "rlpkg -a -r") succeed, or did they give the same error? |
| 19 |
> |
| 20 |
> Wkr, |
| 21 |
> Sven Vermeulen |
| 22 |
> |
| 23 |
> |
| 24 |
> |
| 25 |
Yes, I got the same errors then: |
| 26 |
# setfiles -r /mnt/gentoo |
| 27 |
/etc/selinux/strict/contexts/files/file_contexts /mnt/gentoo/dev |
| 28 |
setfiles set context /mnt/gentoo/dev->system_u:object_r:device_t |
| 29 |
failed:'Operation not supported' |
| 30 |
# setfiles -r /mnt/gentoo |
| 31 |
/etc/selinux/strict/contexts/files/file_contexts /mnt/gentoo/lib |
| 32 |
setfiles set context /mnt/gentoo/lib->system_u:object_r:lib_t |
| 33 |
failed:'Operation not supported' |
Archives