Bug 208278 - encfs doesn't work with selinux -- there is no file context for fuse
encfs doesn't work with selinux -- there is no file context for fuse
Status: CLOSED DUPLICATE of bug 189142
Product: Fedora
Classification: Fedora
Component: fuse (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Peter Lemenkov
Fedora Extras Quality Assurance
Depends On:
  Show dependency treegraph
Reported: 2006-09-27 11:34 EDT by John Poelstra
Modified: 2007-11-30 17:11 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2006-10-31 09:03:28 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description John Poelstra 2006-09-27 11:34:35 EDT
Description of problem:

I can't move an outside directory into an encrypted encfs directory.

Version-Release number of selected component (if applicable):

How reproducible:
Every time

Steps to Reproduce:
1. As nonpriv user... $ encfs ~/.cryptdir ~/cryptdir
2. $ mv foodir ~/cryptdir
Actual results:
permission denied

Expected results:

Additional info:
From /var/log/messages

Sep 26 13:21:39 teflon kernel: audit(1159291299.977:77): avc:  denied  {
associate } for  pid=8543 comm="mv" name="foodir"
tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem
Sep 26 13:29:10 teflon kernel: SELinux: initialized (dev fuse, type fuse), not
configured for labeling
Comment 1 Daniel Walsh 2006-09-27 20:08:06 EDT
Experimenting with this, it does not seem that fuse/encfs supports Extended
attributes.  I have set up SELinux policy to handle it, and have gotten extended
attributes assigned within a encfs directory, but when I remount the encfs it
looses the selinux_context, and goes back to unlabeled_t.
Comment 2 Peter Lemenkov 2006-10-31 09:03:28 EST

*** This bug has been marked as a duplicate of 189142 ***

Note You need to log in before you can comment on or make changes to this bug.