Ask / Submit
7

Android Apps or/and native Selinux support

asked 2014-01-28 11:12:07 +0300

Sailor gravatar image

Hi,

are there any plans to support SELInux or something similar in the Android environment of the phone? I know sticking to native apps helps a lot but sometimes Android Apps are needed (because of the business where you work and so on).

Or are there any other ways without shell hacking to prevent Android apps from getting locations, calendar and phonebook?

edit retag flag offensive close delete

3 Answers

Sort by » oldest newest most voted
5

answered 2019-04-14 10:24:17 +0300

pat_o gravatar image

This is officially back in Jolla plan. See for example: https://git.merproject.org/mer-core/dbus/merge_requests/5 No info as of when though

edit flag offensive delete publish link more
2

answered 2015-05-06 17:41:01 +0300

lakutalo gravatar image

updated 2015-05-06 18:06:14 +0300

Yes! SELinux is considered as an option for SFOS roadmap, as you can see here: https://sailfishos.org/developmentroadmap/

edit flag offensive delete publish link more
1

answered 2019-04-13 22:58:04 +0300

Levone1 gravatar image

Bumping this, because I had been experimenting with trying to get libvirt/libcrypt/virsh going on my X, and finally got everything built and installed, including selinux-tools, selinux-policy, etc., but eventually found out that I can't get SELinux enabled, (I guess it has to be built into the kernel?), so running any virsh command gives 'illegal instruction' error. The link above, in lakutalo's answer, is dead, so:

  • Is there any way to get SELinux enabled with our kernel, or, does anyone know how I might be able to modify the kernel to add it, and,
  • Is adding SELinux support still part of the Sailfish roadmap, as was indicated above?
edit flag offensive delete publish link more

Comments

1
2

This is the first time I read that libvirt depends on SELinux ... and I remember having run libvirt on non-SELinux systems a couple of years ago. "Illegal instruction" sounds a lot more like a binary not being built specifically for the target platform, or an operating system not having a specific trap handler for some feature (like FP emulation).

Maus ( 2019-04-13 23:23:31 +0300 )edit

I see, thanks ... I don't really know a lot abot it, I thought I was just putting 2 and 2 together... I built libcrypt and libvirt on the phone, so they should be ok, but I installed a couple of selinux rpms that I found on the internet. Maybe they're the problem.

Levone1 ( 2019-04-13 23:32:06 +0300 )edit

@tortoisedoc - the info in that link is a little over my head... for one, though, I don't have /sys/kernel/security directory... Is it saying that you can add or modify files there to enable or disable modules, or is it saying that the files there just show which modules are built into the kernel? And what is the program that you would use the "security=..." kernel command line argument to override the kernel configs, is it sepolicy, or...? Thanks

Levone1 ( 2019-04-13 23:40:17 +0300 )edit

@Maus - I just remembered that I got some configure or make error about build type, so i used 'build type armeabi...' or something... I guess maybe that could be it. (I jist realized that you said libvirt has nothing to do w/ selinux, so probably not those rpms)

Levone1 ( 2019-04-14 00:00:27 +0300 )edit
Login/Signup to Answer

Question tools

Follow
4 followers

Stats

Asked: 2014-01-28 11:12:07 +0300

Seen: 578 times

Last updated: Apr 14