[Arm-dev] Works fine on a HD - Re: SELinux relabeling looping

Tue May 2 16:42:54 UTC 2017
Robert Moskowitz <rgm at htt-consult.com>

same steps work just fine on a HD.  Why the failure on the SSD drive?


On 05/02/2017 12:36 PM, Robert Moskowitz wrote:
>
>
> On 05/02/2017 12:01 PM, Andreas Reschke wrote:
>> Am 02.05.2017 um 17:52 schrieb Robert Moskowitz:
>>> I am starting on a fresh install of the 1611 Cubietruck image.  This
>>> time I am running on a Cubietruck, not a Cubieboard2.
>>>
>>> I have the cubietruck uboot on a mSD card and the image installed on a
>>> Kingston 240Gb SSD drive.
>>>
>>> I boot up, log in with root with the default password.  All I do is
>>> change /boot/extlinux/extlinux.conf with:
>>>
>>> sed -i -e "s/enforcing=0/enforcing=1/w /dev/stdout"
>>> /boot/extlinux/extlinux.conf
>>>
>>> Note that https://wiki.centos.org/SpecialInterestGroup/AltArch/Arm32 is
>>> wrong saying:
>>>
>>> If you want to switch to enforcing mode, you'll have so to first modify
>>> the following files /etc/sysconfig/selinux : change from 
>>> "permissive" to
>>> "enforcing"
>>>
>>>    * rpi2/rpi3 : /boot/cmdline.txt: change "enforce=0" to "enforcing=1"
>>>    * other image/board[s]: /boot/extlinux/extlinux.conf : change the
>>>      "enforce=0" to "enforce=1"
>>>
>>>
>>> It is enforcing=0 on the Cubietruck image.  Then:
>>>
>>> touch /.autorelabel
>>>
>>> and
>>>
>>> reboot
>>>
>>> I get the log message:
>>>
>>> [   18.453896] brcmfmac: brcmf_sdio_htclk: HT Avail timeout (1000000):
>>> clkctl 0x50
>>>
>>> *** Warning -- SELinux targeted policy relabel is required.
>>> *** Relabeling could take a very long time, depending on file
>>> *** system size and speed of hard drives.
>>> [   54.365478] random: nonblocking pool is initialized
>>> Warning: Skipping the following R/O filesystems:
>>> /sys/fs/cgroup
>>>
>>>
>>> Then after some time, it goes through a shutdown, reboots and comes 
>>> back
>>> to this state.  Then reboots again.  I have tried this twice.
>>>
>>> Next I will try on my Cubieboard2, that I will have to take down from
>>> its testing position for this test.  If it still fails, I will try a
>>> HD.  These commands have worked for my on the C2 with a HD and a mSD
>>> card.  I don't recall if I have tried them on a CT.
>>>
>>> But any thoughts are appreciated!
>>>
>>> thanks
>> Hello Bob,
>>
>> I've have a running CentOS (update) on my Cubietruck with selinux 
>> enabled.
>> SELINUX=enforcing in /etc/selinu/config
>> and
>> enforcing=1 in /boot/extlinux/extlinux.conf
>>
>> Greetings
>> Andreas
>
> I have been running for some time as well.  I just tested the SSD card 
> on the C2 and it failed the same way.  I grabbed a 120Gb HD off my 
> workbench and am now installing the base image to test it. This will 
> see if the problem is the SSD card.
>
> What steps did you take, if you noted them down?  I am doing this 
> WITHOUT expanding the partition sizes.  I want to have a base image 
> that I can save for a checkpoint without taking up a lot of disk space.
>