--- Christoph Hellwig <hch@xxxxxxxxxxxxx> wrote: > Please don't introduce a special case for just nfs. All filesystems > should control their mount options, so please provide some library > helpers for context= handling and move it into all filesystems that > can support selinux. Smack has options that are filesystem independent (smackfsdef= smackfsroot= smackfsfloor= smackfshat=) instead of the context= SELinux seems happy with. Since there is no reason that a file system even really needs to know what these values are it would be completely unreasonable to teach every filesystem about them. The information is completely controlled and used by the LSM. Of course, we could use something other than mount options (vfsctl? sorry - only kidding) to set the LSM specific information, and that might be the right approach. Casey Schaufler casey@xxxxxxxxxxxxxxxx -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
