On Saturday 11 October 2008 00:51, Stephen Smalley <sds@xxxxxxxxxxxxx> wrote: > BTW, one interesting tidbit from OpenSolaris FMAC - in Solaris, the > uid/gid/mode information for the root directory of a tmpfs mount > defaults to the attributes of the underlying mount point directory, so I > did likewise for the security context. Which means that I can set the > security context on the mount point directory as desired (tmp_t > for /tmp, var_run_t for /var/run, ...) and then the tmpfs mount will > pick up the right label automatically from the mount point. I don't > know if that makes sense in Linux, as they infer the default uid/gid > from the mounting process instead. If we are considering that then maybe we also should consider the reverse. Having a chcon on the root of a tmpfs filesystem change the mount point. -- russell@xxxxxxxxxxxx http://etbe.coker.com.au/ My Blog http://www.coker.com.au/sponsorship.html Sponsoring Free Software development -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
