On Mon, Dec 7, 2020 at 9:43 AM Ondrej Mosnacek <omosnace@xxxxxxxxxx> wrote: > > Hi everyone, > > In [1] we ran into a problem with the current handling of filesystem > labeling rules. Basically, it is only possible to specify either > genfscon or fs_use_xattr for a given filesystem, but in the case of > virtiofs, certain mounts may support security xattrs, while other ones > may not. Quickly skimming the linked GH issue, it appears that the problem really lies in the fact that virtiofs allows one to enable/disable xattrs at mount time. What isn't clear to me is why one would need to disable xattrs, can you explain that use case? Why does enabling xattrs in virtiofs cause problems? -- paul moore www.paul-moore.com
