selinux -- or is it
Stephen Smalley
sds at tycho.nsa.gov
Fri May 9 11:25:59 UTC 2008
On Fri, 2008-05-09 at 08:45 +0200, Tomasz Torcz wrote:
> Dnia 08-05-2008, czw o godzinie 13:36 -0400, Daniel J Walsh pisze:
> > If you are using reiserfs, then you should not use SELinux. It does not
> > support extended attributes properly.
>
> Apart from awful performance hit, what's wrong with xattrs on
> reiserfs?
reiserfs was never updated to set the xattr on newly created files when
that functionality moved from the vfs to the individual filesystems (so
that it could be atomically with the file creation). And historically
we had numerous problems with the reiserfs xattr-as-files model leading
to deadlocks and permission denials; it wasn't designed or implemented
with MAC labeling in mind.
--
Stephen Smalley
National Security Agency
More information about the fedora-list
mailing list