| 1 |
Yes, extended attributes along with security labels are activated. |
| 2 |
|
| 3 |
# attr -s test -V test /var && attr -r test /var |
| 4 |
Attribute "test" set to a 4 byte value for /var: test |
| 5 |
|
| 6 |
I should probably tell how I proceeded during the installation: |
| 7 |
1. created the filesystems (as usual) |
| 8 |
2. got a hardened stage3 tarball and portage |
| 9 |
3. portage sync, re-emerge portage, created a hardened-sources kernel, |
| 10 |
booted up. |
| 11 |
4. emerge policys (checkpolicy, policycoreutils, selinux-base-policy [-selinux]) |
| 12 |
5. emerge -uDN world |
| 13 |
6. reboot and tried rlpkg -a -r |
| 14 |
|
| 15 |
Cheers |
| 16 |
|
| 17 |
On Sun, Mar 18, 2012 at 9:55 AM, Sven Vermeulen <swift@g.o> wrote: |
| 18 |
> On Sat, Mar 17, 2012 at 10:28:59PM +0100, Tom Petri wrote: |
| 19 |
>> After compiling the policy modules and re-compiling my core packages |
| 20 |
>> (Gentoo 32bit) I wanted to relabel the filesystem (via rlpkg -a -r) |
| 21 |
>> but I get these error messages: |
| 22 |
>> |
| 23 |
>> > Relabeling filesystem types: btrfs ext2 ext3 ext4 jfs xfs /usr/sbin/setfiles set context /->system_u:object_r:root_t failed:'Operation not supported' |
| 24 |
>> > /usr/sbin/setfiles set context /boot->system_u:object_r:boot_t failed:'Operation not supported' |
| 25 |
>> > /usr/sbin/setfiles set context /home->system_u:object_r:home_root_t failed:'Operation not supported' |
| 26 |
>> > /usr/sbin/setfiles set context /srv->system_u:object_r:var_t failed:'Operation not supported' |
| 27 |
>> > /usr/sbin/setfiles set context /tmp->system_u:object_r:tmp_t failed:'Operation not supported' /usr/sbin/setfiles set context /usr->system_u:object_r:usr_t failed:'Operation not supported' |
| 28 |
>> > /usr/sbin/setfiles set context /var->system_u:object_r:var_t failed:'Operation not supported' |
| 29 |
>> > Scanning for shared libraries with text relocations... |
| 30 |
>> > 0 libraries with text relocations, 0 not relabeled. Scanning for PIE binaries with text relocations... |
| 31 |
>> > 0 binaries with text relocations detected. |
| 32 |
>> |
| 33 |
>> partitions are /boot, /home, /srv, /tmp, /usr and /var - stored on |
| 34 |
>> /dev/md1-7, which are formatted using ext4. |
| 35 |
> |
| 36 |
> Do you have build in support for extended attributes in the kernel (for |
| 37 |
> these file systems)? |
| 38 |
> |
| 39 |
> Wkr, |
| 40 |
> Sven Vermeulen |
| 41 |
> |
Archives