F20 System Wide Change: Enable SELinux Labeled NFS Support

Jaroslav Reznik jreznik at redhat.com
Thu Jul 25 11:11:01 UTC 2013

= Proposed System Wide Change: Enable SELinux Labeled NFS Support =

Change owner(s): Daniel Walsh <dwalsh at redhat.com>, Steve Dickson 
<steved at redhat.com>
The Linux Kernel has grown support for passing SELinux labels between a client 
and server using NFS. 

== Detailed description ==
We have always needed to treat NFS mounts with a single label usually 
something like nfs_t. Or at best allow an administrator to override the 
default with a label using the mount --context option. With this change we 
have lots of different Labels supported on an NFS share. 

== Scope ==
Proposal owners:
* Steve Dickson needs to make sure nfs-utils works properly.
* Dan Walsh needs to make sure selinux-policy works properly in all use cases. 

Other developers: Kernel 
* Turn on Labeled NFS in the Fedora Kernel, Fix any policy issues that arise 
because of this. I believe this is mainly a testing issue, and that the 
functionality is complete.

Release engineering: N/A (No changes for Release Engineering) 
Policies and guidelines: N/A (not affected) 

More information about the devel-announce mailing list