On 5/11/2012 4:05 AM, zyxel wrote:
Hello.
I have some questions about labeled NFS.
We have client and server systems running RHEL 6.1
Kernels for both client and server were downloaded from git://git.selinuxproject.org/~dpquigl/lnfs
Kernel version is 2.6.32. and they are already patched to support
labeled NFS.
Server is configured to export NFS share. Nfs-utils on server are
patched for labeled nfs too.
Here is listing for server exports file:
/export
*(rw,fsid=0,sec=unix,insecure,no_subtree_check,sync,security_label)
Client and server have the same MLS policy.
If I mount NFS share with command
#mount -t nfs4 server:/ /mnt/nfsv4
everything works good, but when i try to mount the same share to
another directory
#mount -t nfs4 server:/ /mnt/nfsv4_2
it fails with:
Message from syslogd@localhost at May 11 13:07:17 ...
kernel:Oops: 0000 [#1] SMP
Message from syslogd@localhost at May 11 13:07:17 ...
kernel:last sysfs file: /sys/devices/virtual/block/dm-0/dev
Message from syslogd@localhost at May 11 13:07:17 ...
kernel:Stack:
An "Oops" indicates that a component of the kernel had a fatal
error, but that it only affected the current process or device
and the kernel was able to continue otherwise.
Use dmesg to see the kernel log. Any number of issues, from
misconfiguration to just plain bad code could have caused your
problem. There is not enough information in your email to do
much diagnosis.
Why does it happens? Where I can get more information about that.
The second question is that maybe I don't need labeled NFS.
My task is to transfer security levels between client and server
over NFS
so that client with security level s0, for example, couldn't get
access to file with level s1 on NFS share.
I don't know if it may be done with netlabel or something.
Could you help me a bit.
Andrei
|
