[Arm-dev] Anyone running named on armv7 with selinux?

Robert Moskowitz rgm at htt-consult.com
Thu Feb 2 21:55:32 UTC 2017


It seems that the SELinux problem is 'built into' the Cubietruck image.

All I did was put the image on a HD, expand the partitions, boot up 
(uboot on the mSD card)

in    /boot/extlinux/extlinux.conf : change the "enforcing=0" to 
"enforcing=1"

touch /.autorelabel
reboot

On the console I saw the following messages:

[   14.709227] SELinux:  Class binder not defined in policy.
[   14.714741] SELinux: the above unknown classes and permissions will 
be allowed
[   14.778268] audit: type=1403 audit(14.745:2): policy loaded 
auid=4294967295 ses=4294967295
[   14.813736] systemd[1]: Successfully loaded SELinux policy in 785.600ms.
[   15.294034] systemd[1]: Relabelled /dev and /run in 295.320ms.

In the past, I did the relabeling after the 'yum update'.  This seems to 
show that SELinux is unhappy from the get go.  I will continue in 
permissive mode with loading up my DNS setup without using chroot and 
see how the setup works.  This is my internal DNS that has no external 
access, so for now I will run a bit open...

On 02/02/2017 10:50 AM, Robert Moskowitz wrote:
> I am ready for my next test, to try out named on a Cubieboard2.
>
> I want to run named with SELinux and not chroot named, and with the 
> problems I have had so far with SELinux and HTTPD that no one has 
> commented on what to do to fix the problem, I was interested to first 
> check out for any experience with named.
>
> I could always run named chrooted without enabling SELinux.  That is 
> how I am running right now with RSEL6 (which does not have SELinux 
> working).  But I would rather get back to using SELinux and not 
> chroot, as I had for years on Intel Centos.
>
> I have not seen any posts on updates to the Centos7-armv7 rpms, so I 
> am assuming that there has not been any fixes to my SELinux problems.
>
> So anyone out there running named?
>
> thanks
>
>
> _______________________________________________
> Arm-dev mailing list
> Arm-dev at centos.org
> https://lists.centos.org/mailman/listinfo/arm-dev
>



More information about the Arm-dev mailing list