On 04/28/14 19:42, Stephen Smalley wrote:
It would be difficult at best, unless you are only using it for a
minimalist root and everything else is on some other filesystem type.
Without xattrs, you do not have per-file security labels and therefore
cannot set up automatic domain transitions on any of the executables
in that filesystem or otherwise distinguish any of those files in the
policy. Lack of xattr support in a native Linux filesystem is a
significant drawback these days; xattrs are used not only for SELinux
but also for ACLs, file capabilities, and various application purposes
(user. namespace). reiser4 isn't in mainline AFAIK.
On Mon, Apr 28, 2014 at 1:06 AM, dE <de.techno@xxxxxxxxx> wrote:
I just realized -- my rootfs doesn't support xattr (reiser4).
Is there any chance I can use SELinux?
_______________________________________________
Selinux mailing list
Selinux@xxxxxxxxxxxxx
To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx.
To get help, send an email containing "help" to
Selinux-request@xxxxxxxxxxxxx.
Thanks for clarifying that.
I'll try out SELinux in that fedora VM.
_______________________________________________
Selinux mailing list
Selinux@xxxxxxxxxxxxx
To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx.
To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
