On 07/10/2015 11:53 AM, Roberts, William C wrote: > Also, I see the manpage for mount has rootcontext, does this provide the > rootnode context so the xattr won’t be queried, or does it provide some > transient > label that is replaced at mount with the xattr query? rootcontext= is typically used to assign a specific context to the root directory of e.g. tmpfs mounts, rather than having to first mount it and then change the context to some value. Using it wouldn't suppress the getxattr call by SELinux for a fs_use_xattr filesystem, as SELinux always does that regardless just to probe whether the filesystem supports security xattrs (if not, then it will fail the mount). It would however override any underlying xattr value for the root directory. _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
