refpolicy-targeted: Allowed mount to run with system role#1035
Closed
GargiQcom wants to merge 2 commits into
Closed
refpolicy-targeted: Allowed mount to run with system role#1035GargiQcom wants to merge 2 commits into
GargiQcom wants to merge 2 commits into
Conversation
type=SELINUX_ERR msg=audit(44.591:158): op=security_compute_sid invalid_context="system_u:system_r:unconfined_mount_t:s0" scontext=system_u:system_r:unconfined_t:s0 tcontext=system_u:object_r:mount_exec_t:s0 tclass=process Signed-off-by: Gargi Misra <gmisra@qti.qualcomm.com>
anujm1
reviewed
Mar 30, 2026
|
|
||
| type=SELINUX_ERR msg=audit(44.591:158): op=security_compute_sid invalid_context="system_u:system_r:unconfined_mount_t:s0" scontext=system_u:system_r:unconfined_t:s0 tcontext=system_u:object_r:mount_exec_t:s0 tclass=process | ||
|
|
||
| Upstream-Status: Inappropriate [meta-oe specific] |
Contributor
There was a problem hiding this comment.
Why is this meta-oe specific?
Contributor
Author
There was a problem hiding this comment.
This issue is observed in the adb shell, which is provided by meta-oe, hence it is meta-oe specific.
Contributor
There was a problem hiding this comment.
@GargiQcom if the change was in recipe or other metadata then it will be meta-oe for sure or if the change was just needed for OE for some reason. Since the patch is changing the original component, we have to answer question if this patch should be submitted to refpolicy-targeted component upstream or not.
Contributor
Author
There was a problem hiding this comment.
Thanks for the feedback. Since the overall approach is disputed and doesn’t seem suitable for this repo, I’ll close this PR and re-evaluate the change internally before deciding on the right upstream path.
embetrix
pushed a commit
to embetrix/meta-openembedded
that referenced
this pull request
Apr 3, 2026
Upgrade to release 1.9.0: - 1.9.0 - Remove Python 3.8 support (EOL), add Python 3.13 (5f25030) - Remove localhost and 127.0.0.1 from default NO_PROXY list (openembedded#994) - Support IPv6 CIDRs in the no_proxy option (openembedded#1033) - Fix thread safety condition in `teardown()` to improve `run_forever()` (openembedded#1015) - Fix openembedded#1024 by chunking data, recursion in on_error callback, thread leak in `_stop_ping_thread()`, avoid implicit None in `recv()` (openembedded#1036) - Avoid bare except clauses for better error handling (openembedded#1036) - Fix async (openembedded#983) - Resolve mypy type errors (openembedded#996, openembedded#1006, 813d570) - Test coverage improvements (openembedded#1035, openembedded#1036) - flake8 linting improvements (openembedded#1034) - 1.8.0 - Added `on_reconnect` parameter to WebSocketApp to handle callback ambiguity (openembedded#972) - Improve handling of SSLEOFError and use reconnect bool (openembedded#961) - Minor linting and docs CI build upgrades (981c00e, 75ba91a, bec2608) License-Update: copyright years refreshed Signed-off-by: Ryan Eatmon <reatmon@ti.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
type=SELINUX_ERR msg=audit(44.591:158): op=security_compute_sid invalid_context="system_u:system_r:unconfined_mount_t:s0" scontext=system_u:system_r:unconfined_t:s0 tcontext=system_u:object_r:mount_exec_t:s0 tclass=process