From: Alexey Lyashkov Date: Fri, 8 Nov 2019 07:58:28 +0000 (+0300) Subject: LU-12214 selinux: Remove concatenating of selinux context X-Git-Tag: 2.13.52~94 X-Git-Url: https://git.whamcloud.com/?p=fs%2Flustre-release.git;a=commitdiff_plain;h=ece2bf7fcf527eb09a99f5d9e9e8c0b4c20af0e2 LU-12214 selinux: Remove concatenating of selinux context Remove concatenating of context for the temporary mount point if selinux is enabled. mount.zfs don't have that option, so revert it for consistency. It can be added with -o option if needed. Cray-bug-id: LUS-5992 Test-Parameters: clientselinux mdtcount=4 testlist=sanity,recovery-small,sanity-sec,sanity-selinux Change-Id: If471de13e201c5cdcb28631b90b2efa13d8f2b4f Signed-off-by: Alexey Lyashkov Reviewed-on: https://review.whamcloud.com/36423 Tested-by: jenkins Tested-by: Maloo Reviewed-by: Sebastien Buisson Reviewed-by: Shaun Tancheff Reviewed-by: Oleg Drokin --- diff --git a/lustre/utils/Makefile.am b/lustre/utils/Makefile.am index 9cb0e6f..609261e 100644 --- a/lustre/utils/Makefile.am +++ b/lustre/utils/Makefile.am @@ -166,7 +166,7 @@ if LDISKFS_ENABLED noinst_LIBRARIES += libmount_utils_ldiskfs.a libmount_utils_ldiskfs_a_SOURCES = libmount_utils_ldiskfs.c -libmount_utils_ldiskfs_a_CPPFLAGS := $(SELINUX) +libmount_utils_ldiskfs_a_CPPFLAGS := if PLUGINS lib_LTLIBRARIES += libmount_utils_ldiskfs.la @@ -174,7 +174,7 @@ libmount_utils_ldiskfs.la : libmount_utils_ldiskfs.a $(CC) $(LDFLAGS) $(MNTMODLDFLAGS) -shared -export-dynamic \ -o mount_osd_ldiskfs.so \ `$(AR) -t libmount_utils_ldiskfs.a` \ - $(MNTMODLIBS) $(SELINUX) + $(MNTMODLIBS) else PLUGIN_LIB += libmount_utils_ldiskfs.a endif # PLUGINS diff --git a/lustre/utils/libmount_utils_ldiskfs.c b/lustre/utils/libmount_utils_ldiskfs.c index 56dd609..9586396 100644 --- a/lustre/utils/libmount_utils_ldiskfs.c +++ b/lustre/utils/libmount_utils_ldiskfs.c @@ -74,10 +74,6 @@ #include #include -#ifdef HAVE_SELINUX -#include -#endif - #include "mount_utils.h" #define MAX_HW_SECTORS_KB_PATH "queue/max_hw_sectors_kb" @@ -98,30 +94,6 @@ static void append_unique(char *buf, char *prefix, char *key, char *val, static bool is_e2fsprogs_feature_supp(const char *feature); static void disp_old_e2fsprogs_msg(const char *feature, int make_backfs); -/* - * Concatenate context of the temporary mount point if selinux is enabled - */ -#ifdef HAVE_SELINUX -static void append_context_for_mount(char *mntpt, struct mkfs_opts *mop) -{ - security_context_t fcontext; - - if (getfilecon(mntpt, &fcontext) < 0) { - /* Continuing with default behaviour */ - fprintf(stderr, "%s: Get file context failed : %s\n", - progname, strerror(errno)); - return; - } - - if (fcontext != NULL) { - append_unique(mop->mo_ldd.ldd_mount_opts, - ",", "context", fcontext, - sizeof(mop->mo_ldd.ldd_mount_opts)); - freecon(fcontext); - } -} -#endif - /* Determine if a device is a block device (as opposed to a file) */ static int is_block(char *devname) { @@ -204,14 +176,6 @@ int ldiskfs_write_ldd(struct mkfs_opts *mop) return errno; } - /* - * Append file context to mount options if SE Linux is enabled - */ - #ifdef HAVE_SELINUX - if (is_selinux_enabled() > 0) - append_context_for_mount(mntpt, mop); - #endif - dev = mop->mo_device; if (mop->mo_flags & MO_IS_LOOP) dev = mop->mo_loopdev; @@ -1416,14 +1380,6 @@ int ldiskfs_rename_fsname(struct mkfs_opts *mop, const char *oldname) return ret; } -#ifdef HAVE_SELINUX - /* - * Append file context to mount options if SE Linux is enabled - */ - if (is_selinux_enabled() > 0) - append_context_for_mount(mntpt, mop); -#endif - if (mop->mo_flags & MO_IS_LOOP) dev = mop->mo_loopdev; else