On Tue, Mar 6, 2012 at 10:07 AM, Christopher J. PeBenito <cpebenito@xxxxxxxxxx> wrote: > On 03/06/12 06:51, Han-Wen Nienhuys wrote: >> Hi there, >> >> What is the best way to stop to SELinux from trying read ACL security >> labels for (FUSE) mounts? >> >> Background: >> >> From what I read, Selinux is not really working on FUSE filesystems, >> however, when I run a FUSE filesystem, I see various GETXATTR calls >> passing by asking for > > SELinux uses the security.selinux xattr. > >> security.capability > > I'm guessing this is for fs capabilities. > >> system.posix_acl_default >> system.posix_acl_access > > POSIX ACL. > > You'd presumably have to disable these mechanisms to eliminate this access. Would you have some pointers to background on these mechanisms? Sorry for the newbie-ish question. -- Han-Wen Nienhuys - hanwen@xxxxxxxxx - http://www.xs4all.nl/~hanwen -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
