Selinux in enforcing mode on AGX Xavier

Hi,

I am trying to run selinux on AGX in enforcing mode.
Jetson runs fine when the mode is permissive/disabled. However, once selinux is activated (i.e. changing mode to enforcing), on reboot the system is stuck. Boot is unsuccessful. The only way to get AGX running again is by re-installing Jetpack. This seems to be a common problem, but no good solution exists. Is there a solution to this?

Instructions for installing selinux:

sudo apt install policycoreutils selinux-utils selinux-basics
sudo selinux-activate

To change mode from permissive to enforcing, modify /etc/selinux/config following line:

FROM:
SELINUX=permissive
TO:
SELINUX=enforcing

Thank you,
Tejas

Hi,
We don’t have experience about this use-case. Would need other users to check and suggest next. You can also try to connect Xavier to a host PC to get UART log and check further. Please refer to
Jetson/General debug - eLinux.org

Hi @DaneLLL, thanks for the suggestion.

I searched around and I have found a solution: to remove apparmor completely. After removing apparmor, one can set the selinux mode to enforcing. AGX restarts 1/2 times after that, but boot is successful. Will close this, thanks

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.