Re: SELinux and non-ext[23] file systems

[Hans Reiser <reiser@namesys.com>]

Harald von Fellenberg - Sun Switzerland Zurich - Technology Strategy 
Office wrote:

>IT WORKS ON REISERFS!!!
>
>Why did you not tell me before ... :-)
>I will now invest my brain cycles on making the utils compile under Suse 7.x
>
>Thanks and regards
>
>Harald
>PS here my patch :-)
>
>--- setfiles/Makefile.orig      Wed Jul 18 22:38:11 2001
>+++ setfiles/Makefile   Mon Nov 19 16:19:18 2001
>@@ -9,6 +9,7 @@
> 
> relabel:  $(FILECONTEXTS) setfiles
>        ./setfiles $(FILECONTEXTS) `mount | awk '/ext2/{print $$3}'`
>+       ./setfiles $(FILECONTEXTS) `mount | awk '/reiserfs/{print $$3}'`
>        touch relabel
> 
> install:  relabel
>
>>On Mon, 19 Nov 2001, Harald von Fellenberg - Sun Switzerland Zurich - 
>>
>Technology Strategy Office wrote:
>
>>>This said, I would like to re-raise the importance of non-ext2 file system
>>>support, notably ReiserFS. It has been pointed out before, by Stephen 
>>>
>Smalley,
>
>>>that this should in principle be easy to integrate (the per-node sec context
>>>needs to be stored in a file rather than in an unused field of the on-disk 
>>>
>inode
>
>>>structure). However, I am not aware of anyone tackling this implementation.
>>>
>>Only the original SELinux prototype was limited to the ext2 filesystem,
>>due to the use of a spare field in the on-disk ext2 inode to store the
>>persistent security identifier (PSID).  When we transitioned to LSM, we
>>extended the persistent label mapping to maintain the inode-to-PSID
>>mapping as a regular file because LSM does not provide filesystem-specific
>>hooks.  Hence, the LSM-based SELinux prototype should be able to use
>>ReiserFS, although we haven't tried it.
>>
>>--
>>Stephen D. Smalley, NAI Labs
>>ssmalley@nai.com
>>
>>
>>
>>
>>
>>--
>>You have received this message because you are subscribed to the selinux list.
>>If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
>>the words "unsubscribe selinux" without quotes as the message.
>>
>
>**********************************************************
> Dr. Harald von Fellenberg  
> Chief Technologist        Global Sales Organisation
> Tel:    +41 1 908 9230    Sun Microsystems (Schweiz) AG
> Fax:    +41 1 908 9001    Javastr. 2 
> Mobile: +41 79 349 0393   CH-8604 Volketswil
> mailto:harald.von-fellenberg@sun.com
>**********************************************************
>
>
>--
>You have received this message because you are subscribed to the selinux list.
>If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
>the words "unsubscribe selinux" without quotes as the message.
>
>
Please let me know if you need anything from the reiserfs team to assist 
you in integrating SE Linux and reiserfs.  Also, if you are interested 
in producing anything that might go into our faq, or as a patch on our 
download page, let me know.

If anyone involved in SE Linux is interested in working with us, let me 
encourage you to view www.namesys.com/v4/v4.html, and feel free to ask 
us to add new features that make your work easier.

Hans



--
You have received this message because you are subscribed to the selinux list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.