SELinux and ReiserFS
Russell Coker
russell at coker.com.au
Mon Apr 12 13:17:26 UTC 2004
On Tue, 6 Apr 2004 23:38, Pete Chown <1 at 234.cx> wrote:
> As I understand it, Hans Reiser has indicated that he will only accept
> bugfixes for reiser3. It is therefore very unlikely that anyone could
> come up with a patch which would be merged upstream. Reiser4 will
> support file metadata from the beginning, but of course it's not
> available yet.
Hans and I get along well. I have used ReiserFS since the early days,
benchmarked it and tested it in various other ways, make detailed bug
reports, and generally helped it get accepted.
Hans told me that there would never be official support for XATTR on ReiserFS
3, which led to me removing ReiserFS from all my systems.
I think that it's quite safe to consider support for XATTR on Reiser3 to be
impossible for Red Hat.
That said, the "-o context=" mount option should do well for any situation
where you REALLY need ReiserFS. ReiserFS performs really well for Maildir
format mail spools on large mail servers, the original INN news spool, squid,
and for other applications that manage large numbers of small files. In all
those situations -o context will do really well.
In fact for such situations where you have a file system dedicated to one type
of file even when using other file systems using the -o context mount option
may be advisable. For Ext2/3 the space overhead of an xattr on each file is
not significant (based on my recollection of a conversation with sct it's one
xattr block per 1024 files). However labelling a file system with >1M files
will take quite a bit of time as will re-labelling such a file system after a
serious disk error. For large file systems of Ext2/3 using -o context will
save some significant amount of labelling time which is a definite benefit.
Currently mkfs.xfs in Fedora defaults to a 256 byte Inode (see below bugzilla
URL for the details). This means that existing XFS file systems will not be
good candidates for being labelled with SE Linux contexts. I believe that we
have never provided a method for install to an XFS root fs, so most use of
XFS in Fedora should be for /mail, /var/spool/news, /var/cache/squid, etc.
Using -o context for such file systems should provide significant benefits
for disk space use and performance.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120622
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
More information about the fedora-selinux-list
mailing list