<div dir="ltr">I tried with yocto thud and your repo (thud branch) and I can build without issues.<div>However when I try to run "fixfiles -f -F relabel" the result is:</div><div><div><b>*Cleaning out /tmp</b></div><div><b>*fixfiles: No suitable file systems found</b></div><div><b>*Cleaning up labels on /tmp</b></div><div><b>*cat: /initial_contexts/unlabeled: No such file or directory</b></div><div><b>*secon: SELinux is not enabled</b></div></div><div><b><br></b></div><div>I tried to check If I have xattrs in my ext4 partition and I can run these commands as suggested here <a href="https://bbs.archlinux.org/viewtopic.php?id=176400">https://bbs.archlinux.org/viewtopic.php?id=176400</a>:</div><div><pre style="border:0px;margin-top:0px;margin-bottom:0px;padding:0px;font-size:1em;overflow:auto;width:1524px;direction:ltr;color:rgb(34,34,34)"><code style="font-size:1em;padding:0.5em;display:inline-block">$ touch testfile
$ getfattr -n user.comment testfile
testfile: user.comment: No such attribute
$ getfattr testfile
$ setfattr -n user.comment -v "this is a comment" testfile
$ getfattr testfile
# file: testfile
user.comment
$ getfattr -n user.comment testfile
# file: testfile
user.comment="this is a comment"
$ setfattr -x user.comment testfile
$ getfattr testfile</code></pre></div><div><br></div><div>My config.gz contains these:</div><div><div># CONFIG_IP_NF_SECURITY is not set</div><div># CONFIG_IP6_NF_SECURITY is not set</div><div>CONFIG_EXT2_FS_SECURITY=y</div><div>CONFIG_EXT3_FS_SECURITY=y</div><div>CONFIG_EXT4_FS_SECURITY=y</div><div>CONFIG_SECURITY_DMESG_RESTRICT=y</div><div>CONFIG_SECURITY=y</div><div>CONFIG_SECURITYFS=y</div><div>CONFIG_SECURITY_NETWORK=y</div><div># CONFIG_SECURITY_NETWORK_XFRM is not set</div><div># CONFIG_SECURITY_PATH is not set</div><div>CONFIG_SECURITY_SELINUX=y</div><div># CONFIG_SECURITY_SELINUX_BOOTPARAM is not set</div><div># CONFIG_SECURITY_SELINUX_DISABLE is not set</div><div>CONFIG_SECURITY_SELINUX_DEVELOP=y</div><div>CONFIG_SECURITY_SELINUX_AVC_STATS=y</div><div>CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=0</div><div># CONFIG_SECURITY_SMACK is not set</div><div># CONFIG_SECURITY_TOMOYO is not set</div><div># CONFIG_SECURITY_APPARMOR is not set</div><div># CONFIG_SECURITY_LOADPIN is not set</div><div># CONFIG_SECURITY_YAMA is not set</div><div># CONFIG_DEFAULT_SECURITY_SELINUX is not set</div><div>CONFIG_DEFAULT_SECURITY_DAC=y</div><div>CONFIG_DEFAULT_SECURITY=""</div></div><div><br></div><div>Is there a way to debug this issue with some tricks?</div><div>Am I missing something?</div><div><br></div><div>Thank u.</div><div><br></div></div><br><div class="gmail_quote"><div dir="ltr">Il giorno mer 9 gen 2019 alle ore 21:55 Stefano Cappa <<a href="mailto:stefano.cappa.ks89@gmail.com">stefano.cappa.ks89@gmail.com</a>> ha scritto:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Ok thank you, I'll try it.</div><br><div class="gmail_quote"><div dir="ltr">Il giorno lun 31 dic 2018 alle ore 03:52 MacDonald, Joe <<a href="mailto:Joe_MacDonald@mentor.com" target="_blank">Joe_MacDonald@mentor.com</a>> ha scritto:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">One additional quick note, in hope of avoiding any further confusion, I'm working on the refpolicy version from July not January 2018. Sorry about that.<br>
<br>
-J.<br>
<br>
________________________________________<br>
From: <a href="mailto:yocto-bounces@yoctoproject.org" target="_blank">yocto-bounces@yoctoproject.org</a> <<a href="mailto:yocto-bounces@yoctoproject.org" target="_blank">yocto-bounces@yoctoproject.org</a>> on behalf of MacDonald, Joe<br>
Sent: Sunday, December 30, 2018 9:46 PM<br>
To: Stefano Cappa<br>
Cc: <a href="mailto:yocto@yoctoproject.org" target="_blank">yocto@yoctoproject.org</a><br>
Subject: Re: [yocto] [selinux] sumo compilation<br>
<br>
[Re: [yocto] [selinux] sumo compilation] On 18.12.30 (Sun 14:31) MacDonald, Joe wrote:<br>
<br>
> I have both ready to go, there's been a few hiccups with my access to the git<br>
> server. I'll push my queued changes somewhere public when I get to a keyboard<br>
> later today so at least everyone can see what's coming.<br>
<br>
Update on this. While we're sorting out the access issue, the current<br>
master, sumo and thud branches on my personal mirror<br>
(<a href="https://github.com/joeythesaint/meta-selinux" rel="noreferrer" target="_blank">https://github.com/joeythesaint/meta-selinux</a>) are mostly up-to-date<br>
(the only thing I haven't included in there yet is the refpolicy update<br>
for the 20180114 release, little overdue, that) and build for the<br>
respective Yocto releases. If that's not your experience, please let me<br>
know and we'll get that sorted out right away.<br>
<br>
Thanks.<br>
<br>
-Joe.<br>
<br>
><br>
> -J.<br>
><br>
> On Dec 30, 2018 6:29 AM, Stefano Cappa <<a href="mailto:stefano.cappa.ks89@gmail.com" target="_blank">stefano.cappa.ks89@gmail.com</a>> wrote:<br>
> Are there any news about this? Also for thud branch.<br>
><br>
> Il mar 30 ott 2018, 14:46 Sinan Kaya <<a href="mailto:okaya@kernel.org" target="_blank">okaya@kernel.org</a>> ha scritto:<br>
><br>
>Â Â Â On 10/24/2018 7:49 PM, Joe MacDonald wrote:<br>
>Â Â Â > Hey all,<br>
>Â Â Â ><br>
>   > I just thought I should quickly follow up on this. I have a change set<br>
>Â Â Â > ready that includes tagging and a minor tweak for sumo, integration of<br>
>Â Â Â > the current outstanding patch list and a tag for thud and a couple of<br>
>   > additional things (possibly) for post-thud. I'll send out a set for<br>
>Â Â Â > sumo and maybe an additional one for thud/post- possibly tomorrow or<br>
>Â Â Â > after I get home on Friday.<br>
><br>
>Â Â Â Thanks, we are looking forward to see it on yocto.<br>
><br>
>Â Â Â ><br>
>Â Â Â > -J.<br>
><br>
>Â Â Â --<br>
>Â Â Â _______________________________________________<br>
>Â Â Â yocto mailing list<br>
>Â Â Â <a href="mailto:yocto@yoctoproject.org" target="_blank">yocto@yoctoproject.org</a><br>
>Â Â Â <a href="https://lists.yoctoproject.org/listinfo/yocto" rel="noreferrer" target="_blank">https://lists.yoctoproject.org/listinfo/yocto</a><br>
><br>
<br>
> --<br>
> _______________________________________________<br>
> yocto mailing list<br>
> <a href="mailto:yocto@yoctoproject.org" target="_blank">yocto@yoctoproject.org</a><br>
> <a href="https://lists.yoctoproject.org/listinfo/yocto" rel="noreferrer" target="_blank">https://lists.yoctoproject.org/listinfo/yocto</a><br>
<br>
</blockquote></div>
</blockquote></div>