Re: How should we handle automount.

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Daniel J Walsh <dwalsh@redhat.com>
To: Stephen Smalley <sds@epoch.ncsc.mil>
Cc: SELinux <SELinux@tycho.nsa.gov>
Subject: Re: How should we handle automount.
Date: Mon, 02 May 2005 13:32:46 -0400	[thread overview]
Message-ID: <4276643E.5000904@redhat.com> (raw)
In-Reply-To: <1115053924.1712.40.camel@moss-spartans.epoch.ncsc.mil>

Stephen Smalley wrote:

>On Mon, 2005-05-02 at 11:01 -0400, Daniel J Walsh wrote:
>  
>
>>Needs to be able to create/remove mounton arbitrary directories in 
>>arbitrary locations?
>>    
>>
>
>Allowing it to do so on arbitrary directories doesn't seem desirable,
>any more than allowing mount to mount on arbitrary directories.  Can we
>identify a reasonable set of mount point directories that might be used
>by automount?
>  
>
Automount Maintainer response:
Unfortunately, no.  The users of automount create a varied array of 
directory hierarchies.

>  
>
>>file_domain_auto_trans(automount_t, file_type, autofs_t, dir)  ????
>>    
>>
>
>s/domain/type
>
>  
>
Typo.

>autofs_t is for the autofs inodes themselves, so I don't think you want
>to apply them to the mount point directories.  Does automount always re-
>create the mount point directory, or does it re-use one if it already
>exists?
>
>  
>
I was just looking for a type with mounton type.  Maybe we could create 
an automont_mnt_t

file_type_auto_trans(automount_t, file_type, automount_mnt_t, dir)

>>Then how do we allow automount to delete the directory?
>>    
>>
>
>It would need permissions to the parent, so you need to be able to
>enumerate or identify by attribute what directory types might be used.
>
>  
>
Yup that is the problem.   If there was a way to say automount can only 
remove automount_mnt_t directories.

Dan


-- 



--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

     prev parent reply	other threads:[~2005-05-02 17:32 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-05-02 15:01 How should we handle automount Daniel J Walsh
2005-05-02 17:12 ` Stephen Smalley
2005-05-02 17:32   ` Daniel J Walsh [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4276643E.5000904@redhat.com \
    --to=dwalsh@redhat.com \
    --cc=SELinux@tycho.nsa.gov \
    --cc=sds@epoch.ncsc.mil \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.