superblock_doinit emits a message for every mount

superblock_doinit emits a message for every mount

[Eric Paris]

So I recently heard a complaint that we emit a message every time a FS
is mounted.  In this case they have lots of autofs mounts happening in
turn gets lots of messages like:

Dec 18 16:32:06 buildrm55 kernel: SELinux: initialized (dev 0:39, type
nfs), uses genfs_contexts

They all come from superblock_doinit in hooks.c.

printk(KERN_INFO "SELinux: initialized (dev %s, type %s), %s\n",
       sb->s_id, sb->s_type->name,
       labeling_behaviors[sbsec->behavior-1]);

which fill their logs.  They wanted to know if we were willing to give a
way to turn such informational messages off.  I can discuss with
them /proc/sys/kernel/printk and configuring syslog to ignore
kernel.info but I wondered if anyone else had any comments or thought
about these particular messages.  Do we need them?  Are they really
anything other than debugging?

-Eric



--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: superblock_doinit emits a message for every mount

[Stephen Smalley]

On Tue, 2006-12-19 at 12:52 -0500, Eric Paris wrote:
> So I recently heard a complaint that we emit a message every time a FS
> is mounted.  In this case they have lots of autofs mounts happening in
> turn gets lots of messages like:
> 
> Dec 18 16:32:06 buildrm55 kernel: SELinux: initialized (dev 0:39, type
> nfs), uses genfs_contexts
> 
> They all come from superblock_doinit in hooks.c.
> 
> printk(KERN_INFO "SELinux: initialized (dev %s, type %s), %s\n",
>        sb->s_id, sb->s_type->name,
>        labeling_behaviors[sbsec->behavior-1]);
> 
> which fill their logs.  They wanted to know if we were willing to give a
> way to turn such informational messages off.  I can discuss with
> them /proc/sys/kernel/printk and configuring syslog to ignore
> kernel.info but I wondered if anyone else had any comments or thought
> about these particular messages.  Do we need them?  Are they really
> anything other than debugging?

They could likely be demoted to KERN_DEBUG.  Along with most of the
other printk KERN_INFO messages in hooks.c.

-- 
Stephen Smalley
National Security Agency


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: superblock_doinit emits a message for every mount

[Steve G]

>Do we need them?  Are they really anything other than debugging?

Seems like that should be KERN_DEBUG if we keep it. If there's anything important
regarding security attributes, it should go to audit logs, errors should go to
syslog, everything else is noise/debug.

-Steve

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.