Bug 1767401
| Summary: | allow cephfs to provide contexts via xattr | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Jeff Layton <jlayton> | ||||
| Component: | selinux-policy | Assignee: | Zdenek Pytela <zpytela> | ||||
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | high | ||||||
| Version: | 32 | CC: | dwalsh, lvrabec, mgrepl, plautrba, zpytela | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Unspecified | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | selinux-policy-3.14.5-28.fc32 | Doc Type: | If docs needed, set a value | ||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | |||||||
| : | 1767402 (view as bug list) | Environment: | |||||
| Last Closed: | 2020-04-08 09:26:38 UTC | Type: | Bug | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Bug Depends On: | |||||||
| Bug Blocks: | 1767402 | ||||||
| Attachments: |
|
||||||
Created attachment 1631015 [details]
allow ceph to use xattrs to set policy
PR merged:
commit 862368c92def52e3bccce571a46cd99dce34fc78 (HEAD -> rawhide, origin/rawhide)
Author: Jeff Layton <jlayton>
Date: Wed Oct 30 14:12:06 2019 -0400
Allow cephfs to use xattrs for storing contexts
cephfs recently gained the ability to store SELinux contexts in an xattr
(like most local filesystems). Change the policy to allow for this.
Signed-off-by: Jeff Layton <jlayton>
This package has changed maintainer in the Fedora. Reassigning to the new maintainer of this component. This bug appears to have been reported against 'rawhide' during the Fedora 32 development cycle. Changing version to 32. Fix for the issue reported is a part of the current package version. |
cephfs recently grew the ability to handle selinux contexts via its xattr infrastructure: https://github.com/uli/kernel/commit/ac6713ccb5a6d13b59a2e3fda4fb049a2c4e0af2 Fix the selinux-policy to allow this to work instead of setting a context on the whole mountpoint.