summaryrefslogtreecommitdiffstats
path: root/lib/libzfs
diff options
context:
space:
mode:
authorBrian Behlendorf <[email protected]>2010-12-16 14:26:08 -0800
committerBrian Behlendorf <[email protected]>2011-01-28 12:45:19 -0800
commitb3259b6a2ba29595dc5f2df0f6def8c7fc6bcb98 (patch)
tree57c70e929f1dd3ec12243144ea542b51c3dade56 /lib/libzfs
parent95c73795b001267d6b683b71e8abe51de4b0c938 (diff)
Autoconf selinux support
If libselinux is detected on your system at configure time link against it. This allows us to use a library call to detect if selinux is enabled and if it is to pass the mount option: "context=\"system_u:object_r:file_t:s0" For now this is required because none of the existing selinux policies are aware of the zfs filesystem type. Because of this they do not properly enable xattr based labeling even though zfs supports all of the required hooks. Until distro's add zfs as a known xattr friendly fs type we must use mntpoint labeling. Alternately, end users could modify their existing selinux policy with a little guidance.
Diffstat (limited to 'lib/libzfs')
-rw-r--r--lib/libzfs/Makefile.am2
-rw-r--r--lib/libzfs/Makefile.in4
-rw-r--r--lib/libzfs/libzfs_mount.c9
3 files changed, 13 insertions, 2 deletions
diff --git a/lib/libzfs/Makefile.am b/lib/libzfs/Makefile.am
index 70210c35b..de5212234 100644
--- a/lib/libzfs/Makefile.am
+++ b/lib/libzfs/Makefile.am
@@ -6,7 +6,7 @@ DEFAULT_INCLUDES += \
lib_LTLIBRARIES = libzfs.la
-libzfs_la_LDFLAGS = -lm
+libzfs_la_LDFLAGS = -lm $(LIBSELINUX)
libzfs_la_LIBADD = \
$(top_builddir)/lib/libefi/libefi.la \
diff --git a/lib/libzfs/Makefile.in b/lib/libzfs/Makefile.in
index 741f39da4..c8b500466 100644
--- a/lib/libzfs/Makefile.in
+++ b/lib/libzfs/Makefile.in
@@ -67,6 +67,7 @@ am__aclocal_m4_deps = \
$(top_srcdir)/config/user-libshare.m4 \
$(top_srcdir)/config/user-libuuid.m4 \
$(top_srcdir)/config/user-nptl_guard_within_stack.m4 \
+ $(top_srcdir)/config/user-selinux.m4 \
$(top_srcdir)/config/user-zlib.m4 $(top_srcdir)/config/user.m4 \
$(top_srcdir)/config/zfs-build.m4 \
$(top_srcdir)/config/zfs-meta.m4 $(top_srcdir)/configure.ac
@@ -197,6 +198,7 @@ LDFLAGS = @LDFLAGS@
LIBBLKID = @LIBBLKID@
LIBOBJS = @LIBOBJS@
LIBS = @LIBS@
+LIBSELINUX = @LIBSELINUX@
LIBTOOL = @LIBTOOL@
LIBUUID = @LIBUUID@
LINUX = @LINUX@
@@ -314,7 +316,7 @@ AM_CFLAGS = -Wall -Wstrict-prototypes -fno-strict-aliasing \
-D_POSIX_PTHREAD_SEMANTICS -D_FILE_OFFSET_BITS=64 \
-D_LARGEFILE64_SOURCE -DTEXT_DOMAIN=\"zfs-linux-user\"
lib_LTLIBRARIES = libzfs.la
-libzfs_la_LDFLAGS = -lm
+libzfs_la_LDFLAGS = -lm $(LIBSELINUX)
libzfs_la_LIBADD = \
$(top_builddir)/lib/libefi/libefi.la \
$(top_builddir)/lib/libuutil/libuutil.la
diff --git a/lib/libzfs/libzfs_mount.c b/lib/libzfs/libzfs_mount.c
index 88bd0714e..9950bf967 100644
--- a/lib/libzfs/libzfs_mount.c
+++ b/lib/libzfs/libzfs_mount.c
@@ -72,6 +72,9 @@
#include <sys/mntent.h>
#include <sys/mount.h>
#include <sys/stat.h>
+#ifdef HAVE_LIBSELINUX
+#include <selinux/selinux.h>
+#endif /* HAVE_LIBSELINUX */
#include <libzfs.h>
@@ -277,6 +280,12 @@ zfs_mount(zfs_handle_t *zhp, const char *options, int flags)
if (zpool_get_prop_int(zhp->zpool_hdl, ZPOOL_PROP_READONLY, NULL))
flags |= MS_RDONLY;
+#ifdef HAVE_LIBSELINUX
+ if (is_selinux_enabled())
+ (void) strlcat(mntopts, ",context=\"system_u:"
+ "object_r:file_t:s0\"", sizeof (mntopts));
+#endif /* HAVE_LIBSELINUX */
+
if (!zfs_is_mountable(zhp, mountpoint, sizeof (mountpoint), NULL))
return (0);