View previous topic :: View next topic |
Author |
Message |
vbirf n00b
Joined: 05 Dec 2005 Posts: 2 Location: Moscow, Russia
|
Posted: Mon Dec 05, 2005 6:50 am Post subject: reiser3 + SELinux --- still no joy? |
|
|
there were some topics about this, but i need today's situation.
so...
i've got gentoo kernel (2.6.14).
i fixed script under /etc/security/selinux/src/policy to not skip reiserfs partitions.
i've even add user_xattrs to mounting params. (don't know is this really required...)
i've did make relabel. it said that everything allright, all files got relabeled...
but...
i just cannot add user by useradd. stracing shows that useradd fails to read security attributes on /etc/passwd...
make checklabels shows that many system files are continusly missing their sec attributes, so in logs i see many denials (permissive=1) ane so on.
what to do? does some work-inexpensive (by this i mean no multiple patching, no kernel hacking and not making other types of sex with computer) solution exist?
does anybody know about correct selinux support in reiser4?
Last edited by vbirf on Mon Dec 05, 2005 8:30 am; edited 2 times in total |
|
Back to top |
|
|
codergeek42 Bodhisattva
Joined: 05 Apr 2004 Posts: 5142 Location: Anaheim, CA (USA)
|
Posted: Mon Dec 05, 2005 6:55 am Post subject: |
|
|
According to the SELinux x86 handbook: Quote: | Warning: Reiserfs is not currently supported as they lack the required extended attribute support. | Moved from Networking & Security to Unsupported Software. _________________ ~~ Peter: Programmer, Mathematician, STEM & Free Software Advocate, Enlightened Agent, Transhumanist, Fedora contributor
Who am I? :: EFF & FSF |
|
Back to top |
|
|
Evil Dark Archon Guru
Joined: 21 Dec 2002 Posts: 562 Location: Santa Rosa, CA
|
Posted: Mon Dec 05, 2005 11:11 am Post subject: |
|
|
Obvious question: did you make sure that security labels were enabled in your kernel config? _________________ This post has been over explained for newb-informing purposes.
Registered Linux user 347334
Abit AV8-3rd eye, AMD Athlon64 3500+ 90nm, ATI Radeon x850 pro |
|
Back to top |
|
|
vbirf n00b
Joined: 05 Dec 2005 Posts: 2 Location: Moscow, Russia
|
Posted: Tue Dec 06, 2005 4:24 am Post subject: sure |
|
|
i said, that all files got relabeled, and ls -Z shows their security contexts, but some files under /etc loose labels i think after r/w operations, but not only...
e.g. to change password i must do make relabel before passwd otherwise latter says error.
more, i mention i use standart gentoo kernel, so maybe reiser3+selinux fixing patches (discussed here too, a couple years ago, or so) still aren't included in it... but now i'm too lazy and too busy to investigate
anyway, i'm testing all this on my sandbox system, so i'll try (again) reiser4 soon ) |
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|