2009/9/10 François Valenduc <francois.valen...@tvcablenet.be>: > Andrew John Hughes a écrit : >> 2009/9/5 François Valenduc <francois.valen...@tvcablenet.be>: >> >>> Magnus Granberg a écrit : >>> >>>> On Saturday 05 September 2009 12.17.00 François Valenduc wrote: >>>> >>>> >>>>> Hello everybody, >>>>> >>>>> I have recently swicth my SElinux install from ext3 to ext4 and after >>>>> having changed the rlpkq script to also relabel ext4 filesystems, I get >>>>> the following errors: >>>>> /usr/sbin/setfiles set context >>>>> /usr/sbin/setfilecon->system_u:object_r:bin_t failed:'Operation not >>>>> supported' >>>>> However, I have enabled Ext4 Security labels in the kernel configuration. >>>>> >>>>> Does anybody know a solution to this problem ? >>>>> Thanks in advance for your help. >>>>> >>>>> François Valenduc >>>>> >>>>> >>>> You need to update to policycoreutils-2.0.69 to get ext4 support. >>>> See bug #275369 http://bugs.gentoo.org/show_bug.cgi?id=275369 >>>> ------ >>>> Hardened-Development Overlay >>>> Magnus Granberg (Zorry) <zo...@ume.nu> >>>> >>>> >>>> >>>> >>> I have tried to upgrade policycoreutils to this version but it fails to >>> compile with this error: >>> >>> cc -Wl,-O1 semodule.o -lsepol -lselinux -lsemanage -L/usr/lib -o >>> semodulesemodule.o: In function `main': >>> semodule.c:(.text+0x803): undefined reference to >>> `semanage_module_upgrade_file' >>> semodule.c:(.text+0x84a): undefined reference to >>> `semanage_module_install_file' >>> semodule.c:(.text+0x8ae): undefined reference to >>> `semanage_module_install_base_file' >>> collect2: ld a retourné 1 code d'état d'exécution >>> make[1]: *** [semodule] Erreur 1 >>> make[1]: quittant le répertoire « >>> /var/tmp/portage/sys-apps/policycoreutils-2.0.69/work/policycoreutils-2.0.69/semodule >>> » >>> make: *** [all] Erreur 1 >>> make: quittant le répertoire « >>> /var/tmp/portage/sys-apps/policycoreutils-2.0.69/work/policycoreutils-2.0.69 >>> » >>> >>> >>> I have looked in gentoo bugzilla and I didn't find anything which seems >>> similar to this error. >>> >>> François Valenduc >>> >>> >>> >> >> >> Have you checked there aren't corresponding updates to libselinux, >> libsepol and libsemanage? This error suggests one or more of those >> libraries are out of date. >> > Indeed, upgrading libsepol, libsemanage and libselinux allowed > policycoreutils 2.0.69 to be compiled without error. However, it's still > impossible to relabel the filesystem. Now I don't see plenty of lines > indicating "Operation not supported" when I use rlpkg. But the files > remains unlabeled. Is it really possible to use ext4 and selinux ? >
There must be some way, as Fedora 11 ships with both. How recent is your kernel? ext4 is still in development. > Thanks for your help. > > -- Andrew :-) Free Java Software Engineer Red Hat, Inc. (http://www.redhat.com) Support Free Java! Contribute to GNU Classpath and the OpenJDK http://www.gnu.org/software/classpath http://openjdk.java.net PGP Key: 94EFD9D8 (http://subkeys.pgp.net) Fingerprint: F8EF F1EA 401E 2E60 15FA 7927 142C 2591 94EF D9D8
