[Arm-dev] SELinux relabeling looping

Tue May 2 16:01:05 UTC 2017
Andreas Reschke <arm_ml at rirasoft.de>

Am 02.05.2017 um 17:52 schrieb Robert Moskowitz:
> I am starting on a fresh install of the 1611 Cubietruck image.  This
> time I am running on a Cubietruck, not a Cubieboard2.
> 
> I have the cubietruck uboot on a mSD card and the image installed on a
> Kingston 240Gb SSD drive.
> 
> I boot up, log in with root with the default password.  All I do is
> change /boot/extlinux/extlinux.conf with:
> 
> sed -i -e "s/enforcing=0/enforcing=1/w /dev/stdout"
> /boot/extlinux/extlinux.conf
> 
> Note that https://wiki.centos.org/SpecialInterestGroup/AltArch/Arm32 is
> wrong saying:
> 
> If you want to switch to enforcing mode, you'll have so to first modify
> the following files /etc/sysconfig/selinux : change from "permissive" to
> "enforcing"
> 
>   * rpi2/rpi3 : /boot/cmdline.txt: change "enforce=0" to "enforcing=1"
>   * other image/board[s]: /boot/extlinux/extlinux.conf : change the
>     "enforce=0" to "enforce=1"
> 
> 
> It is enforcing=0 on the Cubietruck image.  Then:
> 
> touch /.autorelabel
> 
> and
> 
> reboot
> 
> I get the log message:
> 
> [   18.453896] brcmfmac: brcmf_sdio_htclk: HT Avail timeout (1000000):
> clkctl 0x50
> 
> *** Warning -- SELinux targeted policy relabel is required.
> *** Relabeling could take a very long time, depending on file
> *** system size and speed of hard drives.
> [   54.365478] random: nonblocking pool is initialized
> Warning: Skipping the following R/O filesystems:
> /sys/fs/cgroup
> 
> 
> Then after some time, it goes through a shutdown, reboots and comes back
> to this state.  Then reboots again.  I have tried this twice.
> 
> Next I will try on my Cubieboard2, that I will have to take down from
> its testing position for this test.  If it still fails, I will try a
> HD.  These commands have worked for my on the C2 with a HD and a mSD
> card.  I don't recall if I have tried them on a CT.
> 
> But any thoughts are appreciated!
> 
> thanks
> 
> 
> 
> _______________________________________________
> Arm-dev mailing list
> Arm-dev at centos.org
> https://lists.centos.org/mailman/listinfo/arm-dev
> 

Hello Bob,

I've have a running CentOS (update) on my Cubietruck with selinux enabled.
SELINUX=enforcing in /etc/selinu/config
and
enforcing=1 in /boot/extlinux/extlinux.conf

Greetings
Andreas