SELinux support

Ratan Gupta ratankgupta31 at
Wed Jun 23 16:31:56 AEST 2021

Hi Team,

I was working on supporting selinux on openbmc stack, I was able to create
the image with selinux.
root at test:~# sestatus
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             mls (also tried targeted and minimum)
Current mode:                   permissive
Mode from config file:          permissive
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Memory protection checking:     actual (secure)
Max kernel policy version:      33

While I am creating the selinux user, I am getting the following error from
the libsemanage.
root at abc:~# useradd -G wheel -Z sysadm_u test_se

[libsemanage]: Error while renaming /var/lib/selinux/minimum/active to
Cannot commit SELinux transaction
useradd: warning: the user name test_se to sysadm_u SELinux user mapping

During building of the selinux :  I have used the refpolicy as minimum and
added the selinux package (selinux-minimal) in the openbmc image

Did anybody try creating the selinux user?
I have seen that Anton and Ivan were working on that, Did you also face
this issue? If not, Can you suggest what I am missing?

Ratan Gupta
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the openbmc mailing list