Roger Peña wrote:
is this related to the fact that selinux policy stated this: genfscon gfs / system_u:object_r:nfs_t
Yes. This is what would be used for a filesystem that does not support selinux xattrs. In RHEL4.5, SELinux xattr support was added to GFS. However...
should I follow what is stated for reiserfs in this url: http://james-morris.livejournal.com/3580.html
Yes. GFS needs to be defined as a filesystem that supports selinux xattrs.
if I should do it, because is the right thing to do, why: 1- redhat did not do it for the release of 4.5 ?
The reason that the selinux policy was not updated for RHEL4.5 (in regards to selinux xattr support for GFS) is described in BZ 215559, comment #3:
"Changing this on the installed environment could have unexpected results. For example, currently all files on gfs are unlabled and treated as nfs_t. If I suddenly make this change, these file would then be treated file_t and any domain that was using them would become unable to . This would require a relabel to fix. And could cause hundreds of AVC messages. I do not feel this is worth it since almost everyone will not use the labels on GFS to treat one file differently than another. In the future, where you might have /usr mounted on a gfs or gfs2 partition, this would become more valuable."
2- others aren't getting this king of problems?
I'm not sure how many people are using GFS with SELinux enabled. :) -Ryan -- Linux-cluster mailing list Linux-cluster@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/linux-cluster
