SELinuxProject / selinux

This is the upstream repository for the Security Enhanced Linux (SELinux) userland libraries and tools. The software provided by this project complements the SELinux features integrated into the Linux kernel and is used by Linux distributions. All bugs and patches should be submitted to selinux@vger.kernel.org

SELinux context in ubifs image changes to unlabeled_t when mounted on Linux #317

Open BocI720 opened 3 years ago

BocI720 commented 3 years ago

Hi,

I used mkfs.ubifs --selinux file_contexts and ubinize in mtd-utils 2.1.3 to label SELinux contexts for a ubifs image. I can find them in the ubifs image, but when I mount it on my PC it changes to 'unlabeled_t' when SELinux is enabled. And when I disable SELinux and mount the ubifs image on the PC, the SELinux context is the same as in the file_contexts file given to mkfs.ubifs.

Is this a bug in mount? Or is there something else I need to do to get the right file contexts for a ubifs image mounted on Linux?

btw, I used both getfattr and ls -Z to check the SELinux context; they are all the same as I described before.

ghost commented 3 years ago

Two things I would look into:

1. Is the kernel compiled with "UBIFS_FS_SECURITY"?
2. Does the policy have the rule to enable appropriate labeling: seinfo --fs_use ubifs | grep fs_use_xattr

More generally speaking, I am not aware of labeling issues related to ubifs. I am using it on my OpenWrt router.

/dev/ubi0_1 on /overlay type ubifs (rw,seclabel,noatime,assert=read-only,ubi-0,vol=1)


-- Dominick Grift (gpg --locate-keys @.***, key fingerprint FCD2 3660 5D6B 9D27 7FC6 E0FF DA7E 521F 10F6 4098)

ghost commented 3 years ago

Another possibility is that you are associating labels with the filesystem that are unknown to the policy. You would see whether that is the case by looking at any related avc denials; they should then also tell you the actual label.
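The checks suggested in the two replies above (kernel CONFIG_UBIFS_FS_SECURITY, a policy fs_use_xattr statement for ubifs, seclabel in the mount options, and AVC denials revealing the label actually seen) can be scripted. The following is an added example written for this page; it is not code from the selinux project, mtd-utils or the commenters. It assumes the usual locations of the kernel config (/proc/config.gz or /boot/config-$(uname -r)) and the audit log (/var/log/audit/audit.log, falling back to dmesg), and it assumes the seinfo output layout ("fs_use_xattr ubifs <context>;") and the kernel audit line layout ("avc:  denied ... tcontext=..."). Run it as `sh ubifs_label_check.sh --live /mnt/image` on the affected machine; without arguments it exercises the same checks against constructed sample text.

```shell
#!/bin/sh
# Added diagnostic helper for the checks raised in this thread. Example code
# for this page, not part of the selinux project or mtd-utils. The seinfo and
# audit line formats parsed below are assumptions about those tools' output.

# Check 1: the kernel must be built with CONFIG_UBIFS_FS_SECURITY=y, otherwise
# security.selinux xattrs written by mkfs.ubifs --selinux are never read back
# and every inode falls back to unlabeled_t. Reads kernel config text on stdin.
ubifs_security_enabled() {
    grep -q '^CONFIG_UBIFS_FS_SECURITY=y$'
}

# Check 2: the loaded policy must declare fs_use_xattr for ubifs; without it
# the kernel ignores on-disk labels. Reads `seinfo --fs_use ubifs` output on
# stdin (assumed format: an indented "fs_use_xattr ubifs <context>;" line).
policy_uses_xattr() {
    grep -q '^[[:space:]]*fs_use_xattr ubifs '
}

# Check 3: a mount that honours xattr labels shows "seclabel" in its options.
# Accepts either `mount` style ("/dev/x on /mp type ubifs (opts)") or
# /proc/mounts style ("/dev/x /mp ubifs opts 0 0") lines on stdin.
mount_has_seclabel() {
    awk -v mp="$1" '
        $2 == "on" && $3 == mp && $6 ~ /(^\(|,)seclabel(,|\)$)/ { found = 1 }
        $2 == mp && $4 ~ /(^|,)seclabel(,|$)/                     { found = 1 }
        END { exit !found }'
}

# Check 4: list the distinct target contexts of AVC denials so an unknown or
# unlabeled_t label on the image shows up. Reads audit.log or dmesg on stdin.
denied_target_contexts() {
    grep 'avc: *denied' | sed -n 's/.*tcontext=\([^ ]*\).*/\1/p' | sort -u
}

# Constructed sample inputs (not captured from a real system) used when the
# script is run without --live, so the checks can be exercised offline.
SAMPLE_CONFIG='CONFIG_UBIFS_FS=y
# CONFIG_UBIFS_FS_SECURITY is not set'
SAMPLE_SEINFO='Fs_use: 1
   fs_use_xattr ubifs system_u:object_r:fs_t:s0;'
SAMPLE_MOUNTS='/dev/ubi0_1 on /overlay type ubifs (rw,seclabel,noatime,assert=read-only,ubi-0,vol=1)
/dev/ubi0_2 on /mnt/image type ubifs (rw,relatime,assert=read-only,ubi-0,vol=2)'
SAMPLE_AUDIT='type=AVC msg=audit(1650000000.123:456): avc:  denied  { read } for  pid=1234 comm="ls" name="etc" dev="ubi0_2" ino=65 scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tcontext=system_u:object_r:unlabeled_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1650000000.123:456): arch=c000003e syscall=257 success=no exit=-13'

# verdict <exit status> <ok text> <fail text>
verdict() {
    if [ "$1" -eq 0 ]; then echo "ok:   $2"; else echo "FAIL: $3"; fi
}

if [ "${1:-}" = "--live" ] && [ -n "${2:-}" ]; then
    mp=$2
    { [ -r /proc/config.gz ] && zcat /proc/config.gz || cat "/boot/config-$(uname -r)"; } 2>/dev/null \
        | ubifs_security_enabled; verdict $? "CONFIG_UBIFS_FS_SECURITY=y" "CONFIG_UBIFS_FS_SECURITY not set"
    seinfo --fs_use ubifs 2>/dev/null | policy_uses_xattr
    verdict $? "fs_use_xattr ubifs present in policy" "no fs_use_xattr for ubifs (or seinfo not installed)"
    mount_has_seclabel "$mp" </proc/mounts; verdict $? "$mp mounted with seclabel" "$mp mounted without seclabel"
    echo "denied target contexts seen in audit log / dmesg:"
    { cat /var/log/audit/audit.log 2>/dev/null || dmesg; } | denied_target_contexts
else
    echo "no '--live <mountpoint>' given; running the checks on constructed samples"
    printf '%s\n' "$SAMPLE_CONFIG" | ubifs_security_enabled
    verdict $? "CONFIG_UBIFS_FS_SECURITY=y" "CONFIG_UBIFS_FS_SECURITY not set"
    printf '%s\n' "$SAMPLE_SEINFO" | policy_uses_xattr
    verdict $? "fs_use_xattr ubifs present in policy" "no fs_use_xattr for ubifs"
    printf '%s\n' "$SAMPLE_MOUNTS" | mount_has_seclabel /overlay
    verdict $? "/overlay mounted with seclabel" "/overlay mounted without seclabel"
    printf '%s\n' "$SAMPLE_MOUNTS" | mount_has_seclabel /mnt/image
    verdict $? "/mnt/image mounted with seclabel" "/mnt/image mounted without seclabel"
    echo "denied target contexts in sample audit lines:"
    printf '%s\n' "$SAMPLE_AUDIT" | denied_target_contexts
fi
```

A mount that lacks seclabel, or an audit line whose tcontext is unlabeled_t, points at the kernel or policy side rather than at mkfs.ubifs: the xattrs are on the image but are not being used. A tcontext that is a type the image was labelled with but the host policy does not define points at the second reply's case, a label unknown to the policy.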