Selinux and Reiserfs
Stephen Smalley
sds at epoch.ncsc.mil
Thu Jan 15 17:03:49 UTC 2004
On Thu, 2004-01-15 at 09:39, Dave Hawkes wrote:
> I thought I would try the latest development updates to see how the
> selinux implementation is progressing, but was unable to relabel my
> reiserfs drive.
>
> I changed the fs_use file to include reiserfs (fs_use_xattr reiserfs
> system_u:object_r:fs_t) and also changed the makefile so awk would
> identify reiserfs drives.
>
> However I still get the "Operation not supported" error from setfiles so
> I assume the reiserfs selinux kernel patches (using kernel 2.6.0-1.41)
> are not implemented? Does anyone know if that is the case?
reiserfs doesn't support extended attributes unless you patch in
support, e.g. using Jeff Mahoney's patches from
ftp://ftp.suse.com/pub/people/jeffm/reiserfs/aclea/. These patches do
include a handler for the security namespace now, and a SELinux user has
reported successfully assigning the SELinux labels using this code, but
we have never tested it ourselves.
--
Stephen Smalley <sds at epoch.ncsc.mil>
National Security Agency
More information about the test
mailing list