From 5b5f03d2665687ab717f123da1266bcd3a83da0f Mon Sep 17 00:00:00 2001
From: Poornima G <pgurusid@redhat.com>
Date: Fri, 26 Feb 2016 06:42:14 -0500
Subject: fuse: Add a new mount option capability

Originally all security.* xattrs were forbidden if selinux is disabled,
which was causing Samba's acl_xattr module to not work, as it would
store the NTACL in security.NTACL. To fix this http://review.gluster.org/#/c/12826/
was sent, which forbid only security.selinux. This opened up a getxattr
call on security.capability before every write fop and others.

Capabilities can be used without selinux, hence if selinux is disabled,
security.capability cannot be forbidden. Hence adding a new mount
option called capability.

Only when "--capability" or "--selinux" mount option is used,
security.capability is sent to the brick, else it is forbidden.

Change-Id: I77f60e0fb541deaa416159e45c78dd2ae653105e
BUG: 1309462
Signed-off-by: Poornima G <pgurusid@redhat.com>
Reviewed-on: http://review.gluster.org/13540
Smoke: Gluster Build System <jenkins@build.gluster.com>
NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
CentOS-regression: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Raghavendra G <rgowdapp@redhat.com>
---
 libglusterfs/src/glusterfs.h | 1 +
 1 file changed, 1 insertion(+)

(limited to 'libglusterfs')

diff --git a/libglusterfs/src/glusterfs.h b/libglusterfs/src/glusterfs.h
index 2eba9d19232..9dcaadfa645 100644
--- a/libglusterfs/src/glusterfs.h
+++ b/libglusterfs/src/glusterfs.h
@@ -455,6 +455,7 @@ struct _cmd_args {
         int              read_only;
         int              acl;
         int              selinux;
+        int              capability;
         int              enable_ino32;
         int              worm;
         int              mac_compat;
-- 
cgit