* Re: Plz ask for help :)
[not found] ` <002901cf4d4b$dfb10500$9f130f00$@oh@lge.com>
@ 2014-04-01 12:42 ` Daniel J Walsh
2014-04-01 13:06 ` Stephen Smalley
0 siblings, 1 reply; 2+ messages in thread
From: Daniel J Walsh @ 2014-04-01 12:42 UTC (permalink / raw)
To: 오대성, SELinux
[-- Attachment #1: Type: text/plain, Size: 1896 bytes --]
You need to subscribe to the SELinux upstream list
<selinux@tycho.nsa.gov> for kernel questions.
http://www.nsa.gov/research/selinux/subscribe.shtml
On 03/31/2014 09:44 PM, 오대성 wrote:
>
> Hi all,
>
> My name is Daesung and i am Korean.
>
> I am studying selinux and i have difficulty doing it.
>
> So i send email to you.
>
> Now, i am trying selinux porting on embedded Linux.
>
> Kernel version is 3.10.19-32.
>
> and configuration about selinux is as in the following:
>
> CONFIG_AUDIT=y
>
> CONFIG_AUDIT_GENERIC=y
>
> CONFIG_NETWORK_SECMARK=y
>
> CONFIG_EXT2_FS_SECURITY=y
>
> CONFIG_EXT3_FS_SECURITY=y
>
> CONFIG_EXT4_FS_SECURITY=y
>
> CONFIG_JFS_SECURITY=y
>
> CONFIG_REISERFS_FS_SECURITY=y
>
> CONFIG_JFFS2_FS_SECURITY=y
>
> CONFIG_SECURITY=y
>
> CONFIG_SECURITY_NETWORK=y
>
> CONFIG_SECURITY_SELINUX=y
>
> CONFIG_SECURITY_NETWORK_XFRM=y
>
> CONFIG_NETLABEL=y
>
> CONFIG_SECURITY_SELINUX_BOOTPARAM=y
>
> CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE=1
>
> CONFIG_SECURITY_SELINUX_DISABLE=y
>
> CONFIG_SECURITY_SELINUX_DEVELOP=y
>
> CONFIG_SECURITY_SELINUX_AVC_STATS=y
>
> CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=1
>
> CONFIG_SECURITY_SELINUX_ENABLE_SECMARK_DEFAULT=y
>
> CONFIG_SECURITY_FILE_CAPABILITIES=y
>
> CONFIG_DEFAULT_SECURITY_SELINUX=y
>
> CONFIG_DEFAULT_SECURITY="selinux"
>
> CONFIG_EXT2_FS_XATTR=y
>
> CONFIG_EXT3_FS_XATTR=y
>
> CONFIG_EXT4_FS_XATTR=y
>
> CONFIG_REISERFS_FS_XATTR=y
>
> But, selinux_complete_init function of security/selinux/hook.c is not
> called.
>
> And if i run “ls -Z“ command, security context is not printed.
>
> $ ls -Z
>
> ? apparmor ? capability.c
>
> selinux_init function is called. but selinux_complete_init function is
> not called and security context is not printed.
>
> *what should i try ? please help me.*
>
> Best Regards.
>
> Daesung.
>
[-- Attachment #2: Type: text/html, Size: 8388 bytes --]
^ permalink raw reply [flat|nested] 2+ messages in thread* Re: Plz ask for help :)
2014-04-01 12:42 ` Plz ask for help :) Daniel J Walsh
@ 2014-04-01 13:06 ` Stephen Smalley
0 siblings, 0 replies; 2+ messages in thread
From: Stephen Smalley @ 2014-04-01 13:06 UTC (permalink / raw)
To: Daniel J Walsh, 오대성, SELinux
On 04/01/2014 08:42 AM, Daniel J Walsh wrote:
>> But, selinux_complete_init function of security/selinux/hook.c is not
>> called.
>>
>> And if i run “ls -Z“ command, security context is not printed.
>>
>> $ ls -Z
>>
>> ? apparmor ? capability.c
>>
>>
>>
>> selinux_init function is called. but selinux_complete_init function is
>> not called and security context is not printed.
>>
>>
>>
>> *what should i try ? please help me.*
You need to load a policy into the kernel. Normally this is done by
the init program.
Was your init program built with SELinux support enabled? And do you
have a policy file in the expected location?
Look for output from init as well to help debug.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2014-04-01 13:06 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <002301cf4cc0$4138b160$c3aa1420$@oh@lge.com>
[not found] ` <533967A3.70201@redhat.com>
[not found] ` <002901cf4d4b$dfb10500$9f130f00$@oh@lge.com>
2014-04-01 12:42 ` Plz ask for help :) Daniel J Walsh
2014-04-01 13:06 ` Stephen Smalley
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.