[refpolicy] kernel_filesystem.patch

Christopher J. PeBenito cpebenito at tresys.com
Wed Mar 4 10:16:10 CST 2009


On Mon, 2009-03-02 at 17:20 -0500, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F11/kernel_filesystem.patch
> 
> 
> Add label for /dev/shm to be tmpfs_t

I'm not sure we want this.  If a tmpfs isn't mounted there, I think we
want the directory to remain device_t.

> Add lots of interfaces for cifs, nfs, dos 

I did some rearrangement.  I also dropped the
fs_dontaudit_list_cifs_dirs() as there already is a
fs_dontaudit_list_cifs().

Otherwise, merged.

> to handle things like xdm appending .xsession-errors in homedirs if they are nfs, or cifs
> 
> Allow people to mounton cifs and nfs file systems (they do)
> 
> Interfaces to handle new fusefs in the homedir.
> 
> Fix sorting on btfs in filesystem.te
> 
> Add type for ecryptfs_t
> 
> Add types for vmblock file systems
> 
> Setup ncpfs and dazukofs as nfs_t 

-- 
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150



More information about the refpolicy mailing list