context not inherited on mounted FS
Stephen Smalley
sds at tycho.nsa.gov
Thu Feb 23 13:27:44 UTC 2006
On Thu, 2006-02-23 at 13:08 +0000, Dovydas Sankauskas wrote:
> I have a dir
> $ l -dZ /home/dovydas/muzika
> drwxrwxr-x dovydas dovydas user_u:object_r:user_home_t
> /home/dovydas/muzika/
>
> I mount an external usb hdd here
> $ mount
> /dev/sda1 on /home/dovydas/muzika type xfs (rw,noexec)
>
> When I do
> $ touch /home/dovydas/muzika/sample
> I get
> $ l -Z /home/dovydas/muzika/sample
> -rw-rw-r-- dovydas dovydas system_u:object_r:file_t
> /home/dovydas/muzika/sample
>
> Why is the context not inherited? How can I solve this problem? I saw this
> problem when I tried to connect to my computer via ftp. I simply cannot
> see the file "sample" via ftp. I can create a subdir, but I cannot
> see it. All other dirs are all right, except this one,
> /home/dovydas/muzika, which is a mounted external hdd.
First, a mounted directory won't inherit from the mount point directory
- it has its own extended attribute. Second, xfs has a known issue with
SELinux labeling in 2.6.14 and 2.6.15, which has been fixed upstream for
2.6.16. See:

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=176600

You might want to add a comment to that bug noting that you need
xfs/SELinux support and asking about getting the xfs patches
incorporated into a future FC4 kernel update (assuming you are using
FC4). But they might just wait until 2.6.16 comes out.
--
Stephen Smalley
National Security Agency
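
To see how far the problem in this thread reaches on a given mount, the following added example (not part of the original message or of any SELinux tool) walks one filesystem and lists entries whose context is missing or has the `file_t` type shown for `sample` above. The function names are assumptions made for illustration, and `read_label` relies on Linux's `os.getxattr`.

```python
import errno
import os

SELINUX_XATTR = "security.selinux"  # xattr that holds a file's SELinux context
UNLABELED_TYPE = "file_t"           # type reported for "sample" in the thread


def context_type(context):
    """Return the type field of 'user:role:type[:level]', or None."""
    fields = context.split(":") if context else []
    return fields[2] if len(fields) >= 3 else None


def read_label(path):
    """Read the SELinux context of path itself (Linux only); None if absent."""
    try:
        raw = os.getxattr(path, SELINUX_XATTR, follow_symlinks=False)
    except OSError as exc:
        if exc.errno in (errno.ENODATA, errno.ENOTSUP):
            return None
        raise
    return raw.rstrip(b"\x00").decode("ascii", "replace")


def find_unlabeled(root, label_of=read_label):
    """Walk one filesystem from root; return sorted paths lacking a real label.

    label_of is injectable so the walk can be exercised without SELinux.
    """
    root_dev = os.lstat(root).st_dev
    hits = []
    for dirpath, dirnames, filenames in os.walk(root):
        # Do not descend into other mounts: each carries its own labels
        # and inherits nothing from the directory it is mounted on.
        dirnames[:] = [d for d in dirnames
                       if os.lstat(os.path.join(dirpath, d)).st_dev == root_dev]
        # Check the directory itself, then the files directly inside it.
        for name in [os.curdir] + filenames:
            path = os.path.normpath(os.path.join(dirpath, name))
            if context_type(label_of(path)) in (None, UNLABELED_TYPE):
                hits.append(path)
    return sorted(hits)


if __name__ == "__main__":
    import sys
    for p in find_unlabeled(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(p)
```

Run it with the mount point as its argument, for example `/home/dovydas/muzika`; an empty result means every entry on that filesystem carries a type other than `file_t`.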