<html>
<head>
<meta content="text/html; charset=windows-1251"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<br>
<br>
<div class="moz-cite-prefix">On 12/23/2016 10:07 AM, Gordan Bobic
wrote:<br>
</div>
<blockquote
cite="mid:CAMx4oe1=J280hFPYAPqZRo2YBr3u+BUzWNjDF7gbDvoZdqjdfw@mail.gmail.com"
type="cite">
<div dir="ltr">Do you have selinux-policy and
selinux-policy-targeted packages installed?<br>
</div>
</blockquote>
<br>
Yes they are both installed in the base image. And when I do a yum
update after installing chrony, I see:<br>
<br>
[ 505.622712] SELinux: Class binder not defined in policy.<br>
[ 505.628184] SELinux: the above unknown classes and permissions
will be allowed<br>
[ 509.043371] SELinux: Context
unconfined_u:unconfined_r:sandbox_t:s0-s0:c0.c1023 became invalid
(unmapped).<br>
[ 510.548875] SELinux: Context
system_u:unconfined_r:sandbox_t:s0-s0:c0.c1023 became invalid
(unmapped).<br>
<br>
Don't know if these are a problem or not...<br>
<br>
Now on to try Fabian's recommendations.<br>
<br>
<br>
<blockquote
cite="mid:CAMx4oe1=J280hFPYAPqZRo2YBr3u+BUzWNjDF7gbDvoZdqjdfw@mail.gmail.com"
type="cite">
<div class="gmail_extra"><br>
<div class="gmail_quote">On Fri, Dec 23, 2016 at 2:58 PM, Fabian
Arrotin <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:arrfab@centos.org" target="_blank">arrfab@centos.org</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">On
23/12/16 02:49, Robert Moskowitz wrote:<br>
> This is on a Cubieboard2 with the OS on a sata HD:<br>
><br>
> I followed the instructions on the wiki<br>
><br>
> vi /etc/sysconfig/selinux <- change from
"permissive" to "enforcing"<br>
> vi /boot/extlinux/extlinux.conf <- change the
"enforce=0" to "enforce=1"<br>
> touch /.autorelabel<br>
><br>
> I then rebooted and the following appears on the
console log:<br>
><br>
> [ OK ] Reached target Switch Root.<br>
> Starting Switch Root...<br>
> [ 10.682159] systemd-journald[129]: Received SIGTERM
from PID 1<br>
> (systemd).<br>
> [ 11.306507] systemd[1]: Failed to load SELinux
policy.<br>
> [!!!!!!] Failed to load SELinux policy, freezing.<br>
><br>
><br>
> Note that /boot is sda1 and / is sda3<br>
><br>
> I am awaiting guidance.<br>
><br>
> thank you<br>
><br>
<br>
Hmm, the way I do it is :<br>
- ensure enforce=1 in extlinux.conf (but keep
/etc/sysconfig/selinux to<br>
permissive)<br>
- touch /.autorelabel && systemc reboot<br>
<br>
Than wait and when it's finally online, "setenforce 1" and
then<br>
/etc/sysconfig/selinux to enforcing<br>
<span class="HOEnZb"><font color="#888888"><br>
--<br>
Fabian Arrotin<br>
The CentOS Project | <a moz-do-not-send="true"
href="http://www.centos.org" rel="noreferrer"
target="_blank">http://www.centos.org</a><br>
gpg key: 56BEC54E | twitter: @arrfab<br>
<br>
</font></span><br>
______________________________<wbr>_________________<br>
Arm-dev mailing list<br>
<a moz-do-not-send="true" href="mailto:Arm-dev@centos.org">Arm-dev@centos.org</a><br>
<a moz-do-not-send="true"
href="https://lists.centos.org/mailman/listinfo/arm-dev"
rel="noreferrer" target="_blank">https://lists.centos.org/<wbr>mailman/listinfo/arm-dev</a><br>
<br>
</blockquote>
</div>
<br>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Arm-dev mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Arm-dev@centos.org">Arm-dev@centos.org</a>
<a class="moz-txt-link-freetext" href="https://lists.centos.org/mailman/listinfo/arm-dev">https://lists.centos.org/mailman/listinfo/arm-dev</a>
</pre>
</blockquote>
<br>
</body>
</html>