Bug 1287763

Summary: glusterfs does not allow passing standard SElinux mount options to fuse
Product: [Community] GlusterFS Reporter: Manikandan <mselvaga>
Component: scriptsAssignee: Niels de Vos <ndevos>
Status: CLOSED CURRENTRELEASE QA Contact:
Severity: high Docs Contact:
Priority: high    
Version: mainlineCC: bugs, ndevos, smohan
Target Milestone: ---Keywords: SELinux, Triaged
Target Release: ---   
Hardware: x86_64   
OS: All   
Whiteboard:
Fixed In Version: glusterfs-3.8rc2 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 1287877 1287878 1287879 (view as bug list) Environment:
Last Closed: 2016-06-16 13:47:58 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1287877, 1287878, 1287879    

Description Manikandan 2015-12-02 15:48:14 UTC 
Description of problem:

With older versions of gluster, say 3.5.3, glusterfs supports setting selinux context over fuse.glusterfs mountpoint. After 3.6.1, it throws an error : "Invalid option: context". 

The problem is because of a change in mount.glusterfs script. With older versions, it works fine.

Version-Release number of selected component (if applicable):


How reproducible:
Always in versions from 3.6

Steps to Reproduce:
http://www.gluster.org/pipermail/gluster-users.old/2015-January/020014.html

Actual results:
It throws an error "Invalid option: context"

Expected results:
Inform FUSE that the glusterfs sub-filesystem supports SElinux while passing mount options and allow to set selinux context over the mountpoint.


Additional info:

When you set selinux context, the same can be verfied in /proc/mounts:

vm1:sel /qwe1 fuse.glusterfs rw,context=system_u:object_r:user_home_t:s0,relatime,user_id=0,group_id=0,default_    permissions,allow_other,max_read=131072 0 0
Comment 1 Vijay Bellur 2015-12-02 20:56:01 UTC 
REVIEW: http://review.gluster.org/12858 (fuse: pass default SElinux mount options on to the kernel) posted (#1) for review on master by Niels de Vos (ndevos)
Comment 2 Vijay Bellur 2015-12-02 21:42:46 UTC 
REVIEW: http://review.gluster.org/12858 (fuse: pass default SElinux mount options on to the kernel) posted (#2) for review on master by Niels de Vos (ndevos)
Comment 3 Vijay Bellur 2015-12-03 10:31:05 UTC 
COMMIT: http://review.gluster.org/12858 committed in master by Niels de Vos (ndevos) 
------
commit e6046ddc62a61f63d3c2ff2fb450c07c0604e801
Author: Niels de Vos <ndevos>
Date:   Wed Dec 2 21:19:56 2015 +0100

    fuse: pass default SElinux mount options on to the kernel
    
    In order to set default SElinux contexts on a Gluster mount, the
    standard SElinux mount options need to be passed to the kernel. The
    mount(8) manual page lists "context", "fscontext", "defcontext" and
    "rootcontext" as valid options.
    
    BUG: 1287763
    Change-Id: I015fe27e4c6ff36a030e3480b23141aca2d91fc2
    Signed-off-by: Niels de Vos <ndevos>
    Reviewed-on: http://review.gluster.org/12858
    Tested-by: NetBSD Build System <jenkins.org>
    Tested-by: Gluster Build System <jenkins.com>
    Reviewed-by: Humble Devassy Chirammal <humble.devassy>
    Reviewed-by: Manikandan Selvaganesh <mselvaga>
Comment 4 Niels de Vos 2016-06-16 13:47:58 UTC 
This bug is getting closed because a release has been made available that should address the reported issue. In case the problem is still not fixed with glusterfs-3.8.0, please open a new bug report.

glusterfs-3.8.0 has been announced on the Gluster mailinglists [1], packages for several distributions should become available in the near future. Keep an eye on the Gluster Users mailinglist [2] and the update infrastructure for your distribution.

[1] http://blog.gluster.org/2016/06/glusterfs-3-8-released/
[2] http://thread.gmane.org/gmane.comp.file-systems.gluster.user