[DSE-Dev] Bug#757421: selinux-basics: selinux-activate doesn't install kernel args on extlinux

[Daniel Black]

Package: selinux-basics
Version: 0.5.2
Severity: wishlist

Dear Maintainer,


   * What led up to the situation?

I started a freedombox using freedombox maker which uses vmdebootstrap to create and image. The VM has extlinux as the bootloader.

I followed the selinux steps on wiki.debian.org/SELinux/Setup.

After rebooting no selinux was enabled.

   * What exactly did you do (or not do) that was effective (or
     ineffective)?

I discovered that the /extlinux.conf boot line didn't contain the selinux kernel arguements like /etc/default/grub.conf.

   * What was the outcome of this action?

Adding these made selinux work.

   * What outcome did you expect instead?

Selinux enabled.



/extlinux.conf:

default linux
timeout 1

label linux
kernel boot/vmlinuz-3.14-2-486
append initrd=boot/initrd.img-3.14-2-486 root=UUID=5cb2f0d4-21b6-43b2-9f0b-ef908696a4ac ro selinux=1 security=selinux


-- System Information:
Debian Release: jessie/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 3.14-2-486
Locale: LANG=, LC_CTYPE= (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash

Versions of packages selinux-basics depends on:
ii  checkpolicy      2.3-1
ii  policycoreutils  2.3-1
pn  python:any       <none>
ii  selinux-utils    2.3-1

Versions of packages selinux-basics recommends:
ii  selinux-policy-default  2:2.20140421-4
ii  setools                 3.3.8-3

Versions of packages selinux-basics suggests:
pn  logcheck        <none>
pn  syslog-summary  <none>

-- no debconf information