Return-Path: linux-nfs-owner@vger.kernel.org Received: from nm23.access.bullet.mail.mud.yahoo.com ([66.94.237.88]:40156 "EHLO nm23.access.bullet.mail.mud.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751113Ab2LTVTf (ORCPT ); Thu, 20 Dec 2012 16:19:35 -0500 Message-ID: <50D37F4F.3090406@schaufler-ca.com> Date: Thu, 20 Dec 2012 13:12:47 -0800 From: Casey Schaufler MIME-Version: 1.0 To: David Quigley CC: joseph_vu@hotmail.com, steved@redhat.com, trond.myklebust@netapp.com, bfields@fieldses.org, rodel_fm@dsi.a-star.edu.sg, linux-nfs@vger.kernel.org, selinux@tycho.nsa.gov, Casey Schaufler Subject: Re: Labeled NFS Meeting Info for Tonight Dec 20/Dec 21st for our friends in Singapore References: In-Reply-To: Content-Type: text/plain; charset=UTF-8 Sender: linux-nfs-owner@vger.kernel.org List-ID: On 12/20/2012 12:41 PM, David Quigley wrote: > Hello Everyone, > > The meeting info and agenda is listed below. I will try to have the > google+ hangout posted and running a half an hour before the meeting > so people can join. just add me to a circle and I will add you to my > LNFS Meeting circle and send out the invite. You can add me earlier in > the day if you like I should be able to add people whenever. > > > Time: Thursday Dec 20th 10:00pm-12:00pm (The latest) Eastern > 8:00pm-10:00pm Central > 7:00pm-9:00pm Pacific > Friday Dec 21st 11:00am-1:00pm Singapore > > Where: Google+ Hangout Hosted by +SELinux or +Dave Quigley (If you see > a blue 350z you have the right dave quigley). > > > > > Proposed Agenda > ------------------------- > > + Discuss merge windows and which one we'd like to target > > Do we want to shoot for 3.9 or will we attempt to implement the > remaining features and go for 3.10 > > + Discuss current feedback from Bruce Fields > > Patch 1/13: Cleanup comment for dentry_init_security > Patch 2/13: Cleanup comment to reflect that xattrs aren't being used > in the protocol. > Patch 5/13: Add warning that the functionality is highly experimental > and still volatile. > Patch 7/13: Concern about nfs4_label_alloc doing higher order > allocations (more than 4096). > Patch 10/13: Investigate removing ifdefs from server code and making > sure that nfs_server_capable and other functions handle it being > configured off. > Patch 13/13: Similar comments about removing ifdefs if possible and > hiding it away in other areas. Find out why security_inode_setsecctx > may fail and see if it can in its usecase here. Remove BUGONs and > cleanup whitespace. > > > + Discuss current feedback from Trond Myklebust > > Trond commented about changing the definition of encode_getfattr. He > would rather instead of modifying getfattr we mimic > encode/decode_fsinfo. We should look at that and determine what to do. > > + Discuss implementing remaining features from NFSv4.2 specification > > Attribute change notification > RPCSECGSSv3? > > + Discuss viability of future every other week meetings > I can't make to meeting today. I am still trying to track down why it's not working with Smack. It is not sufficient to add CAP_MAC_ADMIN to nfsd. The missing capability is CAP_MAC_OVERRIDE, according to the audit trail. I would like to see Smack support as a goal, even if for a future release. Thank you.