Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

[SOLVED] How can I enable SELinux on the kernel??
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Kernel & Hardware
View previous topic :: View next topic  
Author Message
Torpus
Apprentice
Apprentice


Joined: 20 Aug 2023
Posts: 184
PostPosted: Sun Oct 15, 2023 8:08 am    Post subject: [SOLVED] How can I enable SELinux on the kernel?? Reply with quote
Code:
[linux] login tp                                                                                                              9:02:36
Password:
Last login: Sun Oct 15 08:54:40 CET 2023 on pts/0
[~] id -Z                                                                                                                     9:04:05
id: --context (-Z) works only on an SELinux-enabled kernel
[~] newrole -r sysadm_r                                                                                                       9:04:12
Sorry, newrole may be used only on a SELinux kernel.


I followed everything on this [code=https://wiki.gentoo.org/wiki/SELinux/Installation]guide[/code] but SELinux doesn't work... (except for relabeling some packages)

I have these already:

Code:
CONFIG_SECURITY_SELINUX=y
CONFIG_SECURITY_SELINUX_BOOTPARAM=y
CONFIG_SECURITY_SELINUX_DEVELOP=y
CONFIG_SECURITY_SELINUX_AVC_STATS=y
CONFIG_SECURITY_SELINUX_SIDTAB_HASH_BITS=9
CONFIG_SECURITY_SELINUX_SID2STR_CACHE_SIZE=256


Here's my full .config

Anybody knows what's going on?
_________________
Illegitimi non carborundum.

Last edited by Torpus on Sun Oct 15, 2023 11:08 am; edited 1 time in total
Back to top
View user's profile Send private message
alamahant
Advocate
Advocate


Joined: 23 Mar 2019
Posts: 3961
PostPosted: Sun Oct 15, 2023 9:28 am    Post subject: Reply with quote
Use
Code:

security=selinux selinux=1

or newer
Code:

lsm=selinux selinux=1

as kernel boot parameters.
Maybe via grub
Code:

GRUB_CMDLINE_LINUX=".....................  lsm=selinux selinux=1"

and update grub.
_________________
:)
Back to top
View user's profile Send private message
Torpus
Apprentice
Apprentice


Joined: 20 Aug 2023
Posts: 184
PostPosted: Sun Oct 15, 2023 10:42 am    Post subject: Reply with quote
alamahant,

I did that already (except for updating GRUB, despite that it didn't work).

I'm on chroot BTW, does that matter as the kernel is technically not used?
_________________
Illegitimi non carborundum.
Back to top
View user's profile Send private message
alamahant
Advocate
Advocate


Joined: 23 Mar 2019
Posts: 3961
PostPosted: Sun Oct 15, 2023 10:46 am    Post subject: Reply with quote
Yes.
Selinux does not work in chroot.
What is more if you make changes to your selinux system in a chroot, you will need to relabel files after booting.
https://wiki.gentoo.org/wiki/SELinux/Installation#Relabel
Just exit the chroot and boot into your selinux Gentoo and see if it works.
_________________
:)
Back to top
View user's profile Send private message
Torpus
Apprentice
Apprentice


Joined: 20 Aug 2023
Posts: 184
PostPosted: Sun Oct 15, 2023 11:08 am    Post subject: Reply with quote
Ahh :lol:
_________________
Illegitimi non carborundum.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Kernel & Hardware All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2025 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy