diff options
| author | Brian Behlendorf <[email protected]> | 2010-12-16 14:26:08 -0800 |
|---|---|---|
| committer | Brian Behlendorf <[email protected]> | 2011-01-28 12:45:19 -0800 |
| commit | b3259b6a2ba29595dc5f2df0f6def8c7fc6bcb98 (patch) | |
| tree | 57c70e929f1dd3ec12243144ea542b51c3dade56 /config | |
| parent | 95c73795b001267d6b683b71e8abe51de4b0c938 (diff) | |
Autoconf selinux support
If libselinux is detected on your system at configure time link
against it. This allows us to use a library call to detect if
selinux is enabled and if it is to pass the mount option:
"context=\"system_u:object_r:file_t:s0"
For now this is required because none of the existing selinux
policies are aware of the zfs filesystem type. Because of this
they do not properly enable xattr based labeling even though
zfs supports all of the required hooks.
Until distro's add zfs as a known xattr friendly fs type we
must use mntpoint labeling. Alternately, end users could modify
their existing selinux policy with a little guidance.
Diffstat (limited to 'config')
| -rw-r--r-- | config/user-selinux.m4 | 36 | ||||
| -rw-r--r-- | config/user.m4 | 1 |
2 files changed, 37 insertions, 0 deletions
diff --git a/config/user-selinux.m4 b/config/user-selinux.m4 new file mode 100644 index 000000000..84df6ce7b --- /dev/null +++ b/config/user-selinux.m4 @@ -0,0 +1,36 @@ +dnl # +dnl # Check to see if the selinux libraries are available. If they +dnl # are then they will be consulted during mount to determine if +dnl # selinux is enabled or disabled. +dnl # +AC_DEFUN([ZFS_AC_CONFIG_USER_LIBSELINUX], [ + AC_ARG_WITH([selinux], + [AS_HELP_STRING([--with-selinux], + [support selinux @<:@default=check@:>@])], + [], + [with_selinux=check]) + + LIBSELINUX= + AS_IF([test "x$with_selinux" != xno], [ + AC_CHECK_HEADER([selinux/selinux.h], [ + AC_CHECK_LIB([selinux], [is_selinux_enabled], [ + AC_SUBST([LIBSELINUX], ["-lselinux"]) + AC_DEFINE([HAVE_LIBSELINUX], 1, + [Define if you have selinux]) + ], [ + AS_IF([test "x$with_selinux" != xcheck], + [AC_MSG_FAILURE( + [--with-selinux given but unavailable]) + ]) + ]) + ], [ + AS_IF([test "x$with_selinux" != xcheck], + [AC_MSG_FAILURE( + [--with-selinux given but unavailable]) + ]) + ]) + ], [ + AC_MSG_CHECKING([for selinux support]) + AC_MSG_RESULT([no]) + ]) +]) diff --git a/config/user.m4 b/config/user.m4 index bc68808f8..6f0276937 100644 --- a/config/user.m4 +++ b/config/user.m4 @@ -8,6 +8,7 @@ AC_DEFUN([ZFS_AC_CONFIG_USER], [ ZFS_AC_CONFIG_USER_ZLIB ZFS_AC_CONFIG_USER_LIBUUID ZFS_AC_CONFIG_USER_LIBBLKID + ZFS_AC_CONFIG_USER_LIBSELINUX ZFS_AC_CONFIG_USER_FRAME_LARGER_THAN ZFS_AC_CONFIG_USER_STACK_GUARD ]) |