Skip to content

erofs: Incorrect selinux labels #164

New issue
New issue
Closed
#169
Closed
erofs: Incorrect selinux labels#164
#169
@Johan-Liebert1

Description

@Johan-Liebert1
Johan-Liebert1
opened on Jul 29, 2025

The generated EROFS image does not have correct SELinux labels for certain directories and files. These directories/files end up getting the default_t label.

One example, among many, is /home which is a symlink to /var/home

Here are the labels on the mounted EROFS image

total 88K
drwxr-xr-x.  12 root root system_u:object_r:root_t:s0               358 Jan  1  1970 .
drwx------.   4 core core unconfined_u:object_r:user_home_dir_t:s0  192 Jul 29 10:52 ..
lrwxrwxrwx.   2 root root system_u:object_r:default_t:s0              7 Jan  1  1970 bin -> usr/bin
drwxr-xr-x.   2 root root system_u:object_r:boot_t:s0                27 Jan  1  1970 boot
drwxr-xr-x.   2 root root system_u:object_r:device_t:s0              27 Jan  1  1970 dev
drwxr-xr-x. 101 root root system_u:object_r:etc_t:s0               4.0K Jul 24 04:46 etc
lrwxrwxrwx.   2 root root system_u:object_r:default_t:s0              8 Jan  1  1970 home -> var/home
lrwxrwxrwx.   2 root root system_u:object_r:default_t:s0              7 Jan  1  1970 lib -> usr/lib
lrwxrwxrwx.   2 root root system_u:object_r:default_t:s0              9 Jan  1  1970 lib64 -> usr/lib64
lrwxrwxrwx.   2 root root system_u:object_r:default_t:s0              9 Jan  1  1970 media -> run/media
lrwxrwxrwx.   2 root root system_u:object_r:default_t:s0              7 Jan  1  1970 mnt -> var/mnt
lrwxrwxrwx.   2 root root system_u:object_r:default_t:s0              7 Jan  1  1970 opt -> var/opt
lrwxrwxrwx.   2 root root system_u:object_r:default_t:s0             14 Jan  1  1970 ostree -> sysroot/ostree
drwxr-xr-x.   2 root root system_u:object_r:default_t:s0             27 Jan  1  1970 proc
lrwxrwxrwx.   2 root root system_u:object_r:default_t:s0             12 Jan  1  1970 root -> var/roothome
drwxr-xr-x.   5 root root system_u:object_r:var_run_t:s0             87 Jul 24 04:46 run
lrwxrwxrwx.   2 root root system_u:object_r:default_t:s0              8 Jan  1  1970 sbin -> usr/sbin
lrwxrwxrwx.   2 root root system_u:object_r:default_t:s0              7 Jan  1  1970 srv -> var/srv
drwxr-xr-x.   2 root root system_u:object_r:sysfs_t:s0               27 Jan  1  1970 sys
drwxr-xr-x.   3 root root system_u:object_r:default_t:s0             45 Jan  1  1970 sysroot
drwxrwxrwt.   2 root root system_u:object_r:tmp_t:s0                 27 Jul 24 04:46 tmp
drwxr-xr-x.  10 root root system_u:object_r:usr_t:s0                209 Jul 16 11:24 usr
drwxr-xr-x.   6 root root system_u:object_r:var_t:s0                104 Jul 24 04:45 var

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions