--- Ryan O'Hara <rohara@xxxxxxxxxx> wrote: > > Roger Peña wrote: > > >> is this related to the fact that selinux policy > >> stated > >> this: > >> genfscon gfs / system_u:object_r:nfs_t > > Yes. This is what would be used for a filesystem > that does not support > selinux xattrs. In RHEL4.5, SELinux xattr support > was added to GFS. > However... > > > should I follow what is stated for reiserfs in > this > > url: > > http://james-morris.livejournal.com/3580.html > > Yes. GFS needs to be defined as a filesystem that > supports selinux xattrs. > > > if I should do it, because is the right thing to > do, > > why: > > 1- redhat did not do it for the release of 4.5 ? > > The reason that the selinux policy was not updated > for RHEL4.5 (in > regards to selinux xattr support for GFS) is > described in BZ 215559, > comment #3: > > "Changing this on the installed environment could > have unexpected > results. For example, currently all files on gfs > are unlabled and > treated as nfs_t. If I suddenly make this change, > these file would then > be treated file_t and any domain that was using them > would become unable > to . This would require a relabel to fix. And > could cause hundreds of > AVC messages. I do not feel this is worth it since > almost everyone will > not use the labels on GFS to treat one file > differently than another. In > the future, where you might have /usr mounted on a > gfs or gfs2 > partition, this would become more valuable." thanks a lot I had few days looking in the net but never look in bugzilla :-( jejejeje > > > 2- others aren't getting this king of problems? > > I'm not sure how many people are using GFS with > SELinux enabled. :) I was forced to, by httpd, it complain about not able to open configuration files and documentRoots .... ok, I will try to follow what stated in the webpage, and relabel the system, but this after I study a litle bit more about selinux :-) thanks again roger __________________________________________ RedHat Certified ( RHCE ) Cisco Certified ( CCNA & CCDA ) ____________________________________________________________________________________ Fussy? Opinionated? Impossible to please? Perfect. Join Yahoo!'s user panel and lay it on us. http://surveylink.yahoo.com/gmrs/yahoo_panel_invite.asp?a=7 -- Linux-cluster mailing list Linux-cluster@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/linux-cluster
