Stephen Smalley (sds@xxxxxxxxxxxxx) said: > On Fri, 2006-04-21 at 07:51 -0400, Stephen Smalley wrote: > > On Thu, 2006-04-20 at 14:38 -0400, Bill Nottingham wrote: > > Possibly stupid question: Will files be created dynamically in these > > tmpfs mounts at runtime? Do you expect them to follow the traditional > > inherit-from-parent-directory behavior you get from ext3? > > Sorry, not enough caffeine here. They already do follow that behavior > (via inode_init_security hook call from tmpfs). Only problem here is > getting the right label on the root directory inode in the first place, > which likely just requires allowing restorecon to fix it up, as is done > for /dev as well. This does suggest however that a rootcontext= option > to mount would be helpful. Sorry to be dense, but if I were to be writing down what specifically needs done, that would be: - rootcontext= support in mount? - a way to get the root label inode right on tmpfs (is this a policy or kernel change?) Just trying to clearly articulate what I'm blocking on. Bill -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
