Red Hat Bugzilla – Bug 977047
feature request: add zfs to the list of xattr supported file systems
Last modified: 2014-09-30 19:35:04 EDT
Created attachment 764195 [details] Patch to re-enable ZFS xattr support in RHEL 6.4's SELinux policy. +++ This bug was initially created as a clone of Bug #811532 +++ The solution from bug #811532 appears to have regressed in RHEL 6.4 (or at some point after 3.7.19-146, in any case.) When I build selinux-policy-3.7.19-195.el6_4.1.src.rpm, I can confirm that the serefpolicy-3.7.19/policy/modules/kernel/filesystem.te file does not contain the necessary "fs_use_xattr" line for zfs. I have rebuilt the selinux-policy-3.7.19-195.el6_4.1.src.rpm with the attached patch and after installing the result, I can properly use ZFS with SELinux.
In looking at this a little more, I don't see the appropriate "fs_use_xattr" line for ZFS when I do an `rpmbuild -bp` on http://ftp.redhat.com/redhat/linux/enterprise/6Server/en/os/SRPMS/selinux-policy-3.7.19-154.el6.src.rpm, which was the release that supposedly fixed bug #811532.
We have added this line to Fedora.
[ Gentle prod to reapply this lost/regressed fix... ] The one line patch does still work on 6.4, applied to the recent selinux-policy-3.7.19-195.el6_4.18.src.rpm. It would be convenient and appreciated to have in the official RHEL update stream. Especially since RH has already decided to publish the fix, back for RHBA-2012:0780-1.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2013-1598.html