[redhat-lspp] cannot mount filesystem with category list in context
Stephen Smalley
sds at tycho.nsa.gov
Thu Oct 19 12:11:28 UTC 2006
On Wed, 2006-10-18 at 23:47 -0300, Thiago Jung Bauermann wrote:
> Hi,
>
> I was playing with mounting filesystems specifying a context to the
> mount command, and came across this limitation:
>
> # mount -o loop,context=root:object_r:root_t:s0:c1,c4 foo /mnt
> mount: wrong fs type, bad option, bad superblock on /dev/loop0,
> missing codepage or other error
> In some cases useful info is found in syslog - try
> dmesg | tail or so
>
> On the other hand, this works:
>
> # mount -o loop,context=root:object_r:root_t:s0:c1.c4 foo /mnt
> #
>
> The "c1,c4" part of the context in the 1st command above is probably
> being misinterpeted by the mount command, which uses comma to separate
> options. Thus, it must be seeing a separate "c4" option to the
> filesystem which is false. Is there a way to work around this?
See:
http://marc.theaimsgroup.com/?l=selinux&m=115944972832553&w=2
http://marc.theaimsgroup.com/?l=selinux&m=115944972813825&w=2
http://marc.theaimsgroup.com/?l=selinux&m=115944972820896&w=2
http://marc.theaimsgroup.com/?l=selinux&m=115944975417952&w=2
The kernel patch was upstreamed. Dan, did the mount and nfsmount patch
get included into Fedora and RHEL? If not, they need to be.
--
Stephen Smalley
National Security Agency
More information about the redhat-lspp
mailing list