fuse: make SELinux support configurable

Make support for SELinux labels (extended attributes) configurable and disabled by default as it can cause significant performance penalty when enabled (it need not be enabled unless specially crafted policies are set -- which is not by default) Change-Id: I97bc4b1c26cf055fd520e9bf2d49e52b14fe7515 BUG: 811217 Signed-off-by: Anand Avati <avati@redhat.com> Reviewed-on: http://review.gluster.com/3484 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Amar Tumballi <amarts@redhat.com>
author: Anand Avati <avati@redhat.com> 2012-05-29 22:01:42 -0700
committer: Anand Avati <avati@redhat.com> 2012-05-29 22:50:31 -0700
commit: be395fe8a31a580510595b672f72626d61d81493 (patch)
tree: 8383a3e20c807123350b63809237f356ae5a6714 /glusterfsd
parent: 1c2624a3ff8a0d72bc88b1b869c255e3ca4c395d (diff)
2 files changed, 16 insertions, 0 deletions
diff --git a/glusterfsd/src/glusterfsd.c b/glusterfsd/src/glusterfsd.c
index 903eac72ae6..ebd12bf0b99 100644
--- a/glusterfsd/src/glusterfsd.c
+++ b/glusterfsd/src/glusterfsd.c
@@ -152,6 +152,8 @@ static struct argp_option gf_options[] = {
          "Mount the filesystem in 'read-only' mode"},
         {"acl", ARGP_ACL_KEY, 0, 0,
          "Mount the filesystem with POSIX ACL support"},
+        {"selinux", ARGP_SELINUX_KEY, 0, 0,
+         "Enable SELinux label (extened attributes) support on inodes"},
         {"worm", ARGP_WORM_KEY, 0, 0,
          "Mount the filesystem in 'worm' mode"},
         {"mac-compat", ARGP_MAC_COMPAT_KEY, "BOOL", OPTION_ARG_OPTIONAL,
@@ -348,6 +350,15 @@ create_fuse_mount (glusterfs_ctx_t *ctx)
                 }
         }
 
+        if (cmd_args->selinux) {
+                ret = dict_set_static_ptr (master->options, "selinux", "on");
+                if (ret < 0) {
+                        gf_log ("glusterfsd", GF_LOG_ERROR,
+                                "failed to set dict value for key selinux");
+                        goto err;
+                }
+        }
+
         if (cmd_args->read_only) {
                 ret = dict_set_static_ptr (master->options, "read-only", "on");
                 if (ret < 0) {
@@ -564,6 +575,10 @@ parse_opts (int key, char *arg, struct argp_state *state)
                 cmd_args->acl = 1;
                 break;
 
+        case ARGP_SELINUX_KEY:
+                cmd_args->selinux = 1;
+                break;
+
         case ARGP_WORM_KEY:
                 cmd_args->worm = 1;
                 break;
diff --git a/glusterfsd/src/glusterfsd.h b/glusterfsd/src/glusterfsd.h
index 21f1cbb6c24..8ec121954bb 100644
--- a/glusterfsd/src/glusterfsd.h
+++ b/glusterfsd/src/glusterfsd.h
@@ -86,6 +86,7 @@ enum argp_option_keys {
         ARGP_WORM_KEY                     = 155,
         ARGP_USER_MAP_ROOT_KEY            = 156,
         ARGP_MEM_ACCOUNTING_KEY           = 157,
+        ARGP_SELINUX_KEY                  = 158,
 };
 
 struct _gfd_vol_top_priv_t {
author	Anand Avati <avati@redhat.com>	2012-05-29 22:01:42 -0700
committer	Anand Avati <avati@redhat.com>	2012-05-29 22:50:31 -0700
commit	be395fe8a31a580510595b672f72626d61d81493 (patch)
tree	8383a3e20c807123350b63809237f356ae5a6714 /glusterfsd
parent	1c2624a3ff8a0d72bc88b1b869c255e3ca4c395d (diff)