xfs file system w/ selinux?
Christopher J. PeBenito
cpebenito at tresys.com
Fri Oct 8 17:51:00 UTC 2004
On Fri, 2004-10-08 at 13:29 -0400, Stephen Smalley wrote:
> On Fri, 2004-10-08 at 13:23, Justin Conover wrote:
> > Is there any downside to running xfs with selinux?
> >
> > I'm just testing(playing) with test2 and I was thinking of using
> > lvm/xfs/selinux. Choosing xfs because it is a good fs and easier to
> > grow online than ext3. Plus I'm just testing :)
>
> We haven't tried xfs with SELinux ourselves, but it _should_ work.
> Please report any problems. It has xattr handlers for the security
> namespace. There was an earlier problem with xfs preventing SELinux
> from internally accessing the xattrs, but I believe that has been fixed.
The one catch is to use a larger inode size; 512 should be sufficient.
XFS stores the xattr in the inode if there's enough space in it.
Otherwise it has to allocate a whole block to store the xattr, which
incurs a performance penalty and a waste of space. The default size
(256) isn't big enough for the context. So when you mkfs, add -i
size=512 to the command line options.
--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150
More information about the fedora-selinux-list
mailing list