* Dave Quigley (dpquigl@xxxxxxxxxxxxx) wrote:
> The reason for the differentiation is that NFS inodes don't need their
> on-disk representation set. Normally this would be taken care of with an
> inode_getsecurity call but as you noted Casey objected to a hook to get
> the suffix name. Also he did have a point in that the context may have
> several components to it that could have multiple suffixes. So I need a
> hook that allows us to set possibly multiple internal security values
> based on a security context and without using an xattr name.
Can you work on a couple things..first the fn name is not particularly
helpful ({get,set}context are just vague), and second, the SELinux
implementation is far too close to VFS code (you should not be manually
calling fsnotify, for example). IOW, it looks more like a higher
level helper.
thanks,
-chris
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
