Backport of the SELinux xlator is needed to get the feature in 3.11.0. --- Additional comment COMMIT: https://review.gluster.org/13762 committed in master by Niels de Vos (ndevos) ------ commit 6484558c7502e5afe1c96081dbe329ca5d9cb7e2 Author: Manikandan Selvaganesh <mselvaga> Date: Wed Mar 16 21:37:22 2016 +0530 SELinux : implementation of SELinux translator The patch implement a part of SELinux translator to support setting SELinux contexts on files in a glusterfs volume. URL: https://github.com/gluster/glusterfs-specs/blob/master/accepted/SELinux-client-support.md Change-Id: Id8916bd8e064ccf74ba86225ead95f86dc5a1a25 BUG: 1318100 Fixes : #55 Signed-off-by: Manikandan Selvaganesh <mselvaga> Signed-off-by: Jiffin Tony Thottan <jthottan> Signed-off-by: Niels de Vos <ndevos> Reviewed-on: https://review.gluster.org/13762 Smoke: Gluster Build System <jenkins.org> NetBSD-regression: NetBSD Build System <jenkins.org> CentOS-regression: Gluster Build System <jenkins.org> Reviewed-by: Manikandan Selvaganesh <manikandancs333> Reviewed-by: Atin Mukherjee <amukherj>
Also needs a backport of https://review.gluster.org/6630
REVIEW: https://review.gluster.org/17157 (extras/hook-scripts: SELinux brick file context management scripts) posted (#1) for review on release-3.11 by Niels de Vos (ndevos)
REVIEW: https://review.gluster.org/17159 (SELinux : implementation of SELinux translator) posted (#1) for review on release-3.11 by jiffin tony Thottan (jthottan)
COMMIT: https://review.gluster.org/17159 committed in release-3.11 by Kaushal M (kaushal) ------ commit 845f67fce0aa17b5e10b80a4007d5d5c549084a0 Author: Manikandan Selvaganesh <mselvaga> Date: Wed Mar 16 21:37:22 2016 +0530 SELinux : implementation of SELinux translator The patch implement a part of SELinux translator to support setting SELinux contexts on files in a glusterfs volume. URL: https://github.com/gluster/glusterfs-specs/blob/master/accepted/SELinux-client-support.md Upstream reference : >Change-Id: Id8916bd8e064ccf74ba86225ead95f86dc5a1a25 >BUG: 1318100 >Fixes : #55 >Signed-off-by: Manikandan Selvaganesh <mselvaga> >Signed-off-by: Jiffin Tony Thottan <jthottan> >Signed-off-by: Niels de Vos <ndevos> >Reviewed-on: https://review.gluster.org/13762 >Smoke: Gluster Build System <jenkins.org> >NetBSD-regression: NetBSD Build System <jenkins.org> >CentOS-regression: Gluster Build System <jenkins.org> >Reviewed-by: Manikandan Selvaganesh <manikandancs333> >Reviewed-by: Atin Mukherjee <amukherj> Change-Id: Id8916bd8e064ccf74ba86225ead95f86dc5a1a25 BUG: 1447597 Signed-off-by: Jiffin Tony Thottan <jthottan> Reviewed-on: https://review.gluster.org/17159 Reviewed-by: Niels de Vos <ndevos> Smoke: Gluster Build System <jenkins.org> NetBSD-regression: NetBSD Build System <jenkins.org> CentOS-regression: Gluster Build System <jenkins.org>
COMMIT: https://review.gluster.org/17157 committed in release-3.11 by Kaushal M (kaushal) ------ commit 3fe8119ed80d82d0a4ae5beba6b0712d0dda691b Author: Niels de Vos <ndevos> Date: Wed May 3 12:02:40 2017 +0200 extras/hook-scripts: SELinux brick file context management scripts The SELinux policy for gluster defines the glusterd_brick_t type to support server side SELinux (e.g., server side labels). Add convenience hook scripts that users/packagers can install to ensure that new bricks are labeled correctly. The volume create hook script adds a new SELinux file context for each brick path and runs a restorecon to label the brick. The volume delete hook removes the per-brick SELinux file context. Cherry picked from commit 859669759f7fa0f2114add13660ce3bf16c77f30: > Change-Id: I5f102db5382d813c4d822ff74e873a7a669b41db > BUG: 1047975 > Signed-off-by: Brian Foster <bfoster> > Signed-off-by: Niels de Vos <ndevos> > Signed-off-by: Jiffin Tony Thottan <jthottan> > Reviewed-on: https://review.gluster.org/6630 > Smoke: Gluster Build System <jenkins.org> > NetBSD-regression: NetBSD Build System <jenkins.org> > CentOS-regression: Gluster Build System <jenkins.org> > Reviewed-by: Kaleb KEITHLEY <kkeithle> Change-Id: I5f102db5382d813c4d822ff74e873a7a669b41db BUG: 1447597 Signed-off-by: Niels de Vos <ndevos> Reviewed-on: https://review.gluster.org/17157 Smoke: Gluster Build System <jenkins.org> NetBSD-regression: NetBSD Build System <jenkins.org> CentOS-regression: Gluster Build System <jenkins.org> Reviewed-by: jiffin tony Thottan <jthottan>
This bug is getting closed because a release has been made available that should address the reported issue. In case the problem is still not fixed with glusterfs-3.11.0, please open a new bug report. glusterfs-3.11.0 has been announced on the Gluster mailinglists [1], packages for several distributions should become available in the near future. Keep an eye on the Gluster Users mailinglist [2] and the update infrastructure for your distribution. [1] http://lists.gluster.org/pipermail/announce/2017-May/000073.html [2] https://www.gluster.org/pipermail/gluster-users/