[DSE-Dev] Added SELinux support for live-build
adrian15sgd
adrian15sgd at gmail.com
Sun Jul 21 07:24:27 BST 2024
I have added SELinux support for live-build.
I have a pending MR for the live-build people in here:
https://salsa.debian.org/live-team/live-build/-/merge_requests/354 .
Maybe you can take a look at it and give me your thoughts.
Some comments:
1) The live-build already had some selinux code but it was related to
the final user being able to create an image in a selinux enabled system.
2) What I aim for with this patch is that the resultant image can use
SELinux itself while booting.
3) Unfortunately enforced mode is not working properly even in the
minimal builds. What actually works is permissive mode which it's what I
actually care about so that I can read and modify filesystems with
SELinux extended attributes on them.
4) So if you already have experience on using live-build and know how to
build into a package you might give it a test and give me some feedback.
Thank you!
adrian15
More information about the SELinux-devel
mailing list