Once OpenRC 0.13 is released, it implements all the functionality of selinux_gentoo earlier during boot so the enforcing=0 and then switching to enforcing later should not be required. A few minor policy additions are needed to allow restorecon -r /dev and a few labels then enforcing=1 should work fine. then selinux_gentoo becomes redundant and can be removed. So far the following are needed: /sbin/openrc -- gen_context(system_u:object_r:rc_exec_t,s0) dev_setattr_all_blk_files(initrc_t) dev_setattr_all_chr_files(initrc_t) and also deciding on a label for /run/tmpfiles.d See also: https://bugs.gentoo.org/show_bug.cgi?id=516956
OpenRC has been labeled properly and is in the master branch. The fixes for restorecon on /dev and /sys are in openrc git and will be in the next release. A policy for tmpfiles/checkpath is in the testing branch and has been sent upstream for comments.
+ 04 Jul 2015; Jason Zaman <perfinion@gentoo.org> + +policycoreutils-2.4-r1.ebuild, policycoreutils-9999.ebuild: + bump of policycoreutils-extra, fixes bugs 544598, 517456, 517450 fixed and blocks older openrc
the stable version has dropped the init script
