diff options
author | Karel Zak | 2008-12-22 18:46:45 +0100 |
---|---|---|
committer | Karel Zak | 2008-12-22 18:46:45 +0100 |
commit | b80d3b31df01ad5e4b4ecb9613fe1474ce3147ca (patch) | |
tree | 98251985d7b357c4c85762c055807c45dfb2296c /mount | |
parent | mount: clean up SPEC canonicalization (diff) | |
download | kernel-qcow2-util-linux-b80d3b31df01ad5e4b4ecb9613fe1474ce3147ca.tar.gz kernel-qcow2-util-linux-b80d3b31df01ad5e4b4ecb9613fe1474ce3147ca.tar.xz kernel-qcow2-util-linux-b80d3b31df01ad5e4b4ecb9613fe1474ce3147ca.zip |
mount: add rootcontext= SELinux mount option
Note, the description in the mount.8 man page is copy & paste from
rootcontext= kernel patch (by James Morris). I didn't found anything
more useful... (patches welcomed:-)
Signed-off-by: Karel Zak <kzak@redhat.com>
Diffstat (limited to 'mount')
-rw-r--r-- | mount/mount.8 | 8 | ||||
-rw-r--r-- | mount/mount.c | 4 |
2 files changed, 11 insertions, 1 deletions
diff --git a/mount/mount.8 b/mount/mount.8 index 8905599ee..50655f0be 100644 --- a/mount/mount.8 +++ b/mount/mount.8 @@ -678,7 +678,7 @@ Can only be mounted explicitly (i.e., the .B \-a option will not cause the file system to be mounted). .TP -\fBcontext=\fP\fIcontext\fP, \fBfscontext=\fP\fIcontext\fP and \fBdefcontext=\fP\fIcontext\fP +\fBcontext=\fP\fIcontext\fP, \fBfscontext=\fP\fIcontext\fP, \fBdefcontext=\fP\fIcontext\fP and \fBrootcontext=\fP\fIcontext\fP The .BR context= option is useful when mounting filesystems that do not support @@ -719,6 +719,12 @@ You can set the default security context for unlabeled files using option. This overrides the value set for unlabeled files in the policy and requires a file system that supports xattr labeling. +The +.BR rootcontext= +option allows you to explicitly label the root inode of a FS being mounted +before that FS or inode because visable to userspace. This was found to be +useful for things like stateless linux. + For more details, see .BR selinux (8) diff --git a/mount/mount.c b/mount/mount.c index e70121ccc..f92b23cba 100644 --- a/mount/mount.c +++ b/mount/mount.c @@ -422,6 +422,10 @@ parse_opt(char *opt, int *mask, char **extra_opts) { if (append_context("defcontext=", opt+11, extra_opts) == 0) return; } + if (strncmp(opt, "rootcontext=", 12) == 0 && *(opt+12)) { + if (append_context("rootcontext=", opt+12, extra_opts) == 0) + return; + } #endif *extra_opts = append_opt(*extra_opts, opt, NULL); } |