On Mon, Jul 30, 2007 at 08:27:47AM -0400, Stephen Smalley wrote: > On Mon, 2007-07-30 at 09:29 +1000, David Chinner wrote: > > On Sun, Jul 29, 2007 at 05:02:09PM +0200, Adrian Bunk wrote: > > > Please correct me if any of the following assumptions is wrong: > > > - SELinux is currently the only user of filesystem security labels > > > shipped with the Linux kernel > > > - if a user has SELinux enabled he wants his filesystems to support > > > security labels > > > > > > Based on these assumption, it doesn't make sense to have the > > > *FS_SECURITY user visible since we can perfectly determine automatically > > > when turning them on makes sense. > > > > Hmmm. The code in XFS is not dependent on selinux, but this change > > would mean that testing the security xattr namespace would require a > > selinux enabled kernel. > > > > I agree that the default for these should be "y" and selected if > > selinux is enabled, but forcing us to use selinux enabled kernels > > (on distro's that may not support selinux) just to test the > > security xattr namespace is a bit of a pain. > > You can enable SECURITY_SELINUX in the kernel config but still have it > boot disabled by default via SECURITY_SELINUX_BOOTPARAM_VALUE=0. Ok, that shouldn't cause a problem then. Objection withdrawn. ;) Cheers, Dave. -- Dave Chinner Principal Engineer SGI Australian Software Group - To unsubscribe from this list: send the line "unsubscribe reiserfs-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
