<div dir="ltr">Hi Team,<br><br>I was working on supporting selinux on openbmc stack, I was able to create the image with selinux.<br>root@test:~# sestatus<br>SELinux status:                 enabled<br>SELinuxfs mount:                /sys/fs/selinux<br>SELinux root directory:         /etc/selinux<br>Loaded policy name:             mls (also tried targeted and minimum)<br>Current mode:                   permissive<br>Mode from config file:          permissive<br>Policy MLS status:              enabled<br>Policy deny_unknown status:     allowed<br>Memory protection checking:     actual (secure)<br>Max kernel policy version:      33<br><br>While I am creating the selinux user, I am getting the following error from the libsemanage.<br>root@abc:~# useradd -G wheel -Z sysadm_u test_se                            <br><br>[libsemanage]: Error while renaming /var/lib/selinux/minimum/active to /var/lib/selinux/minimum/previous.<br>Cannot commit SELinux transaction<br>useradd: warning: the user name test_se to sysadm_u SELinux user mapping failed.<br><br>During building of the selinux :  I have used the refpolicy as minimum and added the selinux package (selinux-minimal) in the openbmc image<br>(<a href="http://git.yoctoproject.org/cgit/cgit.cgi/meta-selinux/tree/recipes-security/refpolicy/refpolicy-minimum_git.bb">http://git.yoctoproject.org/cgit/cgit.cgi/meta-selinux/tree/recipes-security/refpolicy/refpolicy-minimum_git.bb</a>)<br>(<a href="http://git.yoctoproject.org/cgit/cgit.cgi/meta-selinux/tree/recipes-security/packagegroups/packagegroup-selinux-minimal.bb">http://git.yoctoproject.org/cgit/cgit.cgi/meta-selinux/tree/recipes-security/packagegroups/packagegroup-selinux-minimal.bb</a>)<br><br>Did anybody try creating the selinux user?<br>I have seen that Anton and Ivan were working on that, Did you also face this issue? If not, Can you suggest what I am missing?<br><br>Regards<br>Ratan Gupta</div>