Hello.
I have some questions about labeled NFS.
We have client and server systems running RHEL 6.1
Kernels for both client and server were downloaded from git://git.selinuxproject.org/~dpquigl/lnfs
Kernel version is 2.6.32. and they are already patched to support labeled NFS.
Server is configured to export NFS share. Nfs-utils on server are patched for labeled nfs too.
Here is listing for server exports file:
/export *(rw,fsid=0,sec=unix,insecure,no_subtree_check,sync,security_label)
Client and server have the same MLS policy.
If I mount NFS share with command
#mount -t nfs4 server:/ /mnt/nfsv4
everything works good, but when i try to mount the same share to another directory
#mount -t nfs4 server:/ /mnt/nfsv4_2
it fails with:
Message from syslogd@localhost at May 11 13:07:17 ...
kernel:Oops: 0000 [#1] SMP
Message from syslogd@localhost at May 11 13:07:17 ...
kernel:last sysfs file: /sys/devices/virtual/block/dm-0/dev
Message from syslogd@localhost at May 11 13:07:17 ...
kernel:Stack:
Why does it happens? Where I can get more information about that.
The second question is that maybe I don't need labeled NFS.
My task is to transfer security levels between client and server over NFS
so that client with security level s0, for example, couldn't get access to file with level s1 on NFS share.
I don't know if it may be done with netlabel or something.
Could you help me a bit.
Andrei
