On Wed, Aug 10, 2016 at 8:52 AM, Daniel J Walsh <dwalsh@xxxxxxxxxx> wrote: > On 08/10/2016 08:32 AM, Paul Moore wrote: >> On Wed, Aug 10, 2016 at 5:11 AM, Miklos Szeredi <miklos@xxxxxxxxxx> wrote: >>> On Tue, Aug 9, 2016 at 3:19 AM, Paul Moore <paul@xxxxxxxxxxxxxx> wrote: >>>> Okay, I just merged these patches into selinux#next. With the >>>> exception of some changes to restore the mode argument to >>>> ovl_create_or_link() and to fix some whitespace damage the patches >>>> were merged cleanly. >>> Don't need to add the back the mode argument, just use stat->mode. >> Thanks for the pointer (I'm on vacation at the moment and trying to do >> this quickly). Since it was a merge issue, and the branch hasn't been >> pulled by Linus, I didn't bother with a new patch, I simply updated >> the existing patch from Vivek and re-pushed to selinux#next. If you >> see anything else, please let me know. >> >> For Fedora folks, I'm currently rebuilding the COPR >> pcmoore/kernel-secnext kernel packages with this update; assuming >> there are no problems with the COPR infrastructure the kernel should >> be ready in a couple of hours. >> >> * https://copr.fedorainfracloud.org/coprs/pcmoore/kernel-secnext >> > Cool once there is a kernel with ovlerlay fs/selinux support I will run > it on my laptop and attempt > the selinux test suite, if everything goes well I will start running > docker on overlay with selinux enforcing mode. Okay, the build finished and passes the base SELinux/audit regressions tests (I didn't test the SELinux/overlayfs integration yet); kernel-4.8.0-0.rc1.git1.1.1.secnext.fc26 or greater will have the SELinux/overlayfs patches included. The link above has instructions on enabling the COPR repo on your system. -- paul moore www.paul-moore.com -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
