summaryrefslogtreecommitdiffstats
path: root/xlators/mount/fuse/src/fuse-bridge.c
diff options
context:
space:
mode:
authorAnand Avati <avati@redhat.com>2012-05-29 22:01:42 -0700
committerAnand Avati <avati@redhat.com>2012-05-29 22:58:07 -0700
commitf69785a9e3f9ad55e81f1fe8212485b7e4dc11fe (patch)
tree7c0ccc27d3f9ebbd13322260837cf24ccc0792a7 /xlators/mount/fuse/src/fuse-bridge.c
parent647f561f6ad16174da700ea6b70f01b6e0ae6d96 (diff)
fuse: make SELinux support configurable
Make support for SELinux labels (extended attributes) configurable and disabled by default as it can cause significant performance penalty when enabled (it need not be enabled unless specially crafted policies are set -- which is not by default) Change-Id: I97bc4b1c26cf055fd520e9bf2d49e52b14fe7515 BUG: 811217 Signed-off-by: Anand Avati <avati@redhat.com> Reviewed-on: http://review.gluster.com/3485 Tested-by: Gluster Build System <jenkins@build.gluster.com>
Diffstat (limited to 'xlators/mount/fuse/src/fuse-bridge.c')
-rw-r--r--xlators/mount/fuse/src/fuse-bridge.c35
1 files changed, 21 insertions, 14 deletions
diff --git a/xlators/mount/fuse/src/fuse-bridge.c b/xlators/mount/fuse/src/fuse-bridge.c
index 42190083a27..fa728604daf 100644
--- a/xlators/mount/fuse/src/fuse-bridge.c
+++ b/xlators/mount/fuse/src/fuse-bridge.c
@@ -2641,13 +2641,13 @@ fuse_setxattr (xlator_t *this, fuse_in_header_t *finh, void *msg)
}
}
-#ifdef DISABLE_SELINUX
- if (!strncmp (name, "security.", 9)) {
- send_fuse_err (this, finh, EOPNOTSUPP);
- GF_FREE (finh);
- return;
- }
-#endif
+ if (!priv->selinux) {
+ if (strncmp (name, "security.", 9) == 0) {
+ send_fuse_err (this, finh, EOPNOTSUPP);
+ GF_FREE (finh);
+ return;
+ }
+ }
/* Check if the command is for changing the log
level of process or specific xlator */
@@ -2913,13 +2913,13 @@ fuse_getxattr (xlator_t *this, fuse_in_header_t *finh, void *msg)
}
}
-#ifdef DISABLE_SELINUX
- if (!strncmp (name, "security.", 9)) {
- send_fuse_err (this, finh, ENODATA);
- GF_FREE (finh);
- return;
- }
-#endif
+ if (!priv->selinux) {
+ if (strncmp (name, "security.", 9) == 0) {
+ send_fuse_err (this, finh, ENODATA);
+ GF_FREE (finh);
+ return;
+ }
+ }
GET_STATE (this, finh, state);
@@ -4496,6 +4496,13 @@ init (xlator_t *this_xl)
if (priv->uid_map_root)
priv->acl = 1;
+ priv->selinux = 0;
+ ret = dict_get_str (options, "selinux", &value_string);
+ if (ret == 0) {
+ ret = gf_string2boolean (value_string, &priv->selinux);
+ GF_ASSERT (ret == 0);
+ }
+
priv->read_only = 0;
ret = dict_get_str (options, "read-only", &value_string);
if (ret == 0) {