Date: Thu, 15 Aug 2002 06:52:35 -0700 (PDT) From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 16021 for review Message-ID: <200208151352.g7FDqZrE033732@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://people.freebsd.org/~peter/p4db/chv.cgi?CH=16021 Change 16021 by rwatson@rwatson_tislabs on 2002/08/15 06:52:30 Modify diskless mount so that it unmounts and remounts md UFS1 file systems when enabling labeling -- this will prevent cached mount labels from interfering with retrieving labels now available via EAs. This assumes UFS_EXTATTR_AUTOSTART. Affected files ... .. //depot/projects/trustedbsd/mac/etc/rc.diskless2#26 edit Differences ... ==== //depot/projects/trustedbsd/mac/etc/rc.diskless2#26 (text+ko) ==== @@ -46,15 +46,20 @@ /sbin/mount /dev/md$3c $2 } +# Enable label support on a UFS1 md file system +# $1 = mountpoint +# $2 = md device +# XXX: Assumes auto-start multilabel_md() { labelsize=`/sbin/sysctl -n security.mac.label_size` /bin/mkdir -p $1/.attribute/system /usr/sbin/extattrctl initattr -f -p $1 ${labelsize} \ $1/.attribute/system/freebsd.mac - /usr/sbin/extattrctl start $1 - /usr/sbin/extattrctl enable $1 system freebsd.mac \ - $1/.attribute/system/freebsd.mac - /sbin/mount -u -o multilabel $1 + #/usr/sbin/extattrctl start $1 + #/usr/sbin/extattrctl enable $1 system freebsd.mac \ + # $1/.attribute/system/freebsd.mac + /sbin/umount $1 + /sbin/mount -o multilabel /dev/md$2c $1 } # If there is a global system configuration file, suck it in. @@ -71,7 +76,7 @@ # If running with MAC support, must configure labeling for /var if sysctl security.mac > /dev/null 2>& 1 ; then - multilabel_md /var + multilabel_md /var 1 fi echo "+++ populate /var using /etc/mtree/BSD.var.dist" @@ -125,7 +130,7 @@ # If running with MAC support, must appropriately label /tmp if sysctl security.mac > /dev/null 2>& 1 ; then - multilabel_md /tmp + multilabel_md /tmp 2 /usr/sbin/setfmac biba/equal,mls/equal,te/equal /tmp fi fi To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200208151352.g7FDqZrE033732>