Requires: lustre-osd
%endif
# GSS requires this: BuildRequires: pkgconfig, libgssapi-devel >= 0.10
+%if %{_vendor}=="redhat" || %{_vendor}=="fedora"
+#suse don't support selinux
+BuildRequires: libselinux-devel
+Requires: libselinux
+%endif
%description
Userspace tools and files for the Lustre file system.
)
AC_SUBST(ZLIB)
+SELINUX=""
+AC_CHECK_LIB([selinux],
+ [is_selinux_enabled],
+ [AC_CHECK_HEADERS([selinux.h],
+ [SELINUX="-lselinux"
+ AC_DEFINE([HAVE_SELINUX], 1,
+ [support for selinux ])],
+ [AC_MSG_WARN([No selinux-devel package found,
+ unable to build selinux enabled
+ tools])])],
+ [AC_MSG_WARN([No selinux package found, unable to build selinux
+ enabled tools])]
+)
+AC_SUBST(SELINUX)
+
# Super safe df
AC_ARG_ENABLE([mindf],
AC_HELP_STRING([--enable-mindf],
#ifdef HAVE_KERNEL_LOCKED
#include <linux/smp_lock.h>
#endif
+#ifdef HAVE_SELINUX_IS_ENABLED
+#include <linux/selinux.h>
+#endif
/*********** mount lookup *********/
.statfs = server_statfs,
};
+/*
+ * Xattr support for Lustre servers
+ */
+static ssize_t lustre_getxattr(struct dentry *dentry, const char *name,
+ void *buffer, size_t size)
+{
+ if (!selinux_is_enabled())
+ return -EOPNOTSUPP;
+ return -ENODATA;
+}
+
+static int lustre_setxattr(struct dentry *dentry, const char *name,
+ const void *value, size_t size, int flags)
+{
+ return -EOPNOTSUPP;
+}
+
+static ssize_t lustre_listxattr(struct dentry *d_entry, char *name,
+ size_t size)
+{
+ return -EOPNOTSUPP;
+}
+
+const struct inode_operations server_inode_operations = {
+ .setxattr = lustre_setxattr,
+ .getxattr = lustre_getxattr,
+ .listxattr = lustre_listxattr,
+};
+
#define log2(n) ffz(~(n))
#define LUSTRE_SUPER_MAGIC 0x0BD00BD1
/* make_bad_inode(root); -- badness - can't umount */
/* apparently we need to be a directory for the mount to finish */
root->i_mode = S_IFDIR;
-
+ root->i_op = &server_inode_operations;
sb->s_root = d_make_root(root);
if (!sb->s_root) {
CERROR("%s: can't make root dentry\n", sb->s_id);
mount_lustre_SOURCES = mount_lustre.c mount_utils.c mount_utils.h
mount_lustre_CPPFLAGS = $(AM_CPPFLAGS)
-mount_lustre_LDADD := $(LIBPTLCTL)
+mount_lustre_LDADD := $(LIBPTLCTL) $(SELINUX)
mount_lustre_DEPENDENCIES := $(LIBPTLCTL)
if LDISKFS_ENABLED
mount_lustre_SOURCES += mount_utils_ldiskfs.c
#include <lnet/lnetctl.h>
#include <lustre_ver.h>
+#ifdef HAVE_SELINUX
+#include <selinux/selinux.h>
+#endif
+
#define MAX_HW_SECTORS_KB_PATH "queue/max_hw_sectors_kb"
#define MAX_SECTORS_KB_PATH "queue/max_sectors_kb"
#define SCHEDULER_PATH "queue/scheduler"
#define DUMMY_FILE_NAME_LEN 25
#define EXT3_DIRENT_SIZE DUMMY_FILE_NAME_LEN
+/*
+ * Concatenate context of the temporary mount point iff selinux is enabled
+ */
+#ifdef HAVE_SELINUX
+void append_context_for_mount(char *mntpt, struct mkfs_opts *mop)
+{
+ security_context_t fcontext;
+
+ if (getfilecon(mntpt, &fcontext) < 0) {
+ /* Continuing with default behaviour */
+ fprintf(stderr, "%s: Get file context failed : %s\n",
+ progname, strerror(errno));
+ return;
+ }
+
+ if (fcontext != NULL) {
+ strcat(mop->mo_ldd.ldd_mount_opts, ",context=");
+ strcat(mop->mo_ldd.ldd_mount_opts, fcontext);
+ freecon(fcontext);
+ }
+}
+#endif
+
/* Write the server config files */
int ldiskfs_write_ldd(struct mkfs_opts *mop)
{
return errno;
}
+ /*
+ * Append file context to mount options if SE Linux is enabled
+ */
+ #ifdef HAVE_SELINUX
+ if (is_selinux_enabled() > 0)
+ append_context_for_mount(mntpt, mop);
+ #endif
+
dev = mop->mo_device;
if (mop->mo_flags & MO_IS_LOOP)
dev = mop->mo_loopdev;