On 08/08/2015 10:04 AM, Niels de Vos wrote:
On Fri, Aug 07, 2015 at 05:30:21PM -0700, Bob Arendt wrote:
>I'm currently using gluster 3.6.2, and I've been exploring the gluster docs
>and source trees. The man pages seem to indicate that there*should*
>be selinux support, perhaps augmented by adding a --selinux argument
>to glusterd, glusterfsd, and adding a selinux option to the glusterfs mount.
The feature to support SElinux over FUSE mounts boils down to the mount
option "selinux":
# mount -t glusterfs -o selinux storage.example.com:/volume /mnt
The /sbin/mount.glusterfs helper sctipt parses the "selinux" option and
passes the /usr/sbin/glusterfs binary the --selinux argument.
The option is only affecting the client-side. Without the option the
special SElinux extended attributes are filtered and not sent to the
bricks (maybe even with an error returned). As long as the bricks
support SElinux, everything is expected to work.
In case something is not working correctly, please provide the exact
steps to reproduce with a clear example in a bug report.
https://bugzilla.redhat.com/enter_bug.cgi?Product=GlusterFS
Thanks,
Niels
Thanks Niels,
I've documented my steps in https://bugzilla.redhat.com/show_bug.cgi?id=1252627
The selinux mount option is asserted, and I see that this does result
in the glusterfs process receiving a --selinux switch. But that's not
effective. Is there something server-side that has to be enabled?
Thank you,
-Bob Arendt
_______________________________________________
Gluster-devel mailing list
Gluster-devel@xxxxxxxxxxx
http://www.gluster.org/mailman/listinfo/gluster-devel
