From: pebenito@gentoo.org (Chris PeBenito) Date: Fri, 07 Dec 2012 13:26:57 -0500 Subject: [refpolicy] [PATCH] Implement zfs support In-Reply-To: <50C225B9.1020303@mthode.org> References: <50B4DC4E.2000108@mthode.org> <50B68572.1060006@tresys.com> <50B68AF1.5010404@mthode.org> <50C225B9.1020303@mthode.org> Message-ID: <50C234F1.3000007@gentoo.org> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On 12/7/2012 12:22 PM, Matthew Thode wrote: > On 11/28/2012 04:06 PM, Matthew Thode wrote: >> On 11/28/2012 03:43 PM, Christopher J. PeBenito wrote: >>> On 11/27/12 10:29, Matthew Thode wrote: >>>> Just adding zfs to the list of defined filesystems in filesystem.te >>>> >>>> Signed-off-by: Matthew Thode >>>> --- >>>> policy/modules/kernel/filesystem.te >>>> 1 files changed, 1 insertions(+), 0 deletions (-) >>>> >>>> diff --git a/policy/modules/kernel/filesystem.te >>>> b/policy/modules/kernel/filesystem.te >>>> index 6bd38c8..e746ee5 100644 >>>> --- a/policy/modules/kernel/filesystem.te >>>> +++ b/policy/modules/kernel/filesystem.te >>>> @@ -33,6 +33,7 @@ fs_use_xattr jffs2 gen_context(system_u:object_r:fs_t,s0); >>>> fs_use_xattr jfs gen_context(system_u:object_r:fs_t,s0); >>>> fs_use_xattr lustre gen_context(system_u:object_r:fs_t,s0); >>>> fs_use_xattr xfs gen_context(system_u:object_r:fs_t,s0); >>>> +fs_use_xattr zfs gen_context(system_u:object_r:fs_t,s0); >>>> >>>> # Use the allocating task SID to label inodes in the following filesystem >>>> # types, and label the filesystem itself with the specified context. >>> >>> Is the security label support in the upstream ZFS on Linux repo? >>> >> xattrs are there fully :D >> >> xattr=sa >> https://github.com/zfsonlinux/zfs/issues/671 >> > any update on this? Its fine; I just forgot to merge it. Its in there now. -- Chris PeBenito Developer, Hardened Gentoo Linux