Re: selinux on zfs(onlinux)

[Matthew Thode <mthode@mthode.org>]

[-- Attachment #1: Type: text/plain, Size: 2519 bytes --]

On 06/06/2013 07:56 PM, Patrick K., ITF wrote:
> Hello,
> 
> Excuse me,  But ZFS is a patented technology Owned by Oracle Inc., and
> only its implementation in CDDL was/is free.
> 
> CDDL is incompatible with GPL,
> 
> How come that ZFS can be used as root File System on Linux then?! , ZFS
> cannot be integrated into kernel due to Legal reasons as explained,
> unless every recipient makes modification and compilation himself/herself.
> 
> Even if you make a Module you cannot distribute it as binary, subject to
> derivative work.
> 
> If you distribute it as Module you must distribute source code, and the
> recipient must compile the whole kernel (on every system that is being
> deployed).
> 
> If you compile into binary module and distribute it, then due to linking
> you still violate CDDL (derivative work)
> 
> All may result in getting sued by Oracle Inc. due to Patent violation.
> 
> 
> Best regards,
> 
>    Patrick K.
> 
> On 6/6/2013 8:14 PM, Matthew Thode wrote:
>> zfs is very close to usable as a root file-system with selinux, but is
>> just missing one thing, it doesn't know what to set the root context to
>> on mount.
>>
>> I am going to petition for this to be added as a property, but should it
>> be called rootcontext (want to make sure it's valid).
>>
>> system_u:object_r:fs_t is what I used just to get my system working
>> (including stuff like /usr, but meh).
>>
>>
>> here is the upstream bug if curious
>> https://github.com/zfsonlinux/zfs/issues/1504
>>
>>

zfs version 28 was released under the cddl, which means it is not able
to be integrated statically into the kernel and then redistributed (my
interpretation).  I can create my own static kernel image with zfs and
use it on my own though (and this is my preferred method of using it).

You are also able to use proprietary kernel modules as well.  Ever use
the AFS (filesystem) on Linux?  Here is a link as to what Linus has to
think on the mater.
http://linuxmafia.com/faq/Kernel/proprietary-kernel-modules.html

The CDDL provides a patent grant and the conflict only affects
distribution of linked binaries on the GPL end.  Since the modules are
from Solaris, they are not considered a derived work, so the derived
work in the GPL is irrelevant.  It is my interpretation that I can make
and distribute a module, but that is not the question here.

So, do you think the name for that zfs property would be accurate
(rootcontext)?

-- 
-- Matthew Thode


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 836 bytes --]