diff options
| author | Dave Quigley <dpquigl@taiga.selinuxproject.org> | 2012-02-21 12:53:13 -0500 |
|---|---|---|
| committer | Steve Dickson <steved@redhat.com> | 2012-02-21 12:53:13 -0500 |
| commit | 6523cedb3d95a99b828a264de8d2921c01a9a949 (patch) | |
| tree | 8014e688ed904d161913ad89393d72af9b9e22f2 | |
| parent | a9b897fe1aaf4927478350d4e927cf69b45b8aab (diff) | |
| download | nfs-utils-lnfsd-export.tar.gz | |
Add support to specify which exports will provide Labeled NFS support.lnfsd-export
Signed-off-by: Steve Dickson <steved@redhat.com>
| -rw-r--r-- | support/include/nfs/export.h | 3 | ||||
| -rw-r--r-- | support/nfs/exports.c | 6 | ||||
| -rw-r--r-- | utils/exportfs/exportfs.c | 2 | ||||
| -rw-r--r-- | utils/exportfs/exports.man | 4 |
4 files changed, 13 insertions, 2 deletions
diff --git a/support/include/nfs/export.h b/support/include/nfs/export.h index 1547a87..b8e2fb0 100644 --- a/support/include/nfs/export.h +++ b/support/include/nfs/export.h @@ -17,7 +17,8 @@ #define NFSEXP_ALLSQUASH 0x0008 #define NFSEXP_ASYNC 0x0010 #define NFSEXP_GATHERED_WRITES 0x0020 -/* 40, 80, 100 unused */ +#define NFSEXP_SECURITY_LABEL 0x0040 /* Support MAC attribute */ +/* 80, 100 unused */ #define NFSEXP_NOHIDE 0x0200 #define NFSEXP_NOSUBTREECHECK 0x0400 #define NFSEXP_NOAUTHNLM 0x0800 diff --git a/support/nfs/exports.c b/support/nfs/exports.c index c96500f..52346dc 100644 --- a/support/nfs/exports.c +++ b/support/nfs/exports.c @@ -245,6 +245,8 @@ putexportent(struct exportent *ep) fprintf(fp, "%ssync,", (ep->e_flags & NFSEXP_ASYNC)? "a" : ""); fprintf(fp, "%swdelay,", (ep->e_flags & NFSEXP_GATHERED_WRITES)? "" : "no_"); + fprintf(fp, "%ssecurity_label,", (ep->e_flags & NFSEXP_SECURITY_LABEL)? + "" : "no"); fprintf(fp, "%shide,", (ep->e_flags & NFSEXP_NOHIDE)? "no" : ""); fprintf(fp, "%scrossmnt,", (ep->e_flags & NFSEXP_CROSSMOUNT)? @@ -539,6 +541,10 @@ parseopts(char *cp, struct exportent *ep, int warn, int *had_subtree_opt_ptr) setflags(NFSEXP_GATHERED_WRITES, active, ep); else if (!strcmp(opt, "no_wdelay")) clearflags(NFSEXP_GATHERED_WRITES, active, ep); + else if (strcmp(opt, "security_label") == 0) + ep->e_flags |= NFSEXP_SECURITY_LABEL; + else if (strcmp(opt, "nosecurity_label") == 0) + ep->e_flags &= ~NFSEXP_SECURITY_LABEL; else if (strcmp(opt, "root_squash") == 0) setflags(NFSEXP_ROOTSQUASH, active, ep); else if (!strcmp(opt, "no_root_squash")) diff --git a/utils/exportfs/exportfs.c b/utils/exportfs/exportfs.c index 7432a65..009dfef 100644 --- a/utils/exportfs/exportfs.c +++ b/utils/exportfs/exportfs.c @@ -621,6 +621,8 @@ dump(int verbose) c = dumpopt(c, "async"); if (ep->e_flags & NFSEXP_GATHERED_WRITES) c = dumpopt(c, "wdelay"); + if (ep->e_flags & NFSEXP_SECURITY_LABEL) + c = dumpopt(c, "security_label"); if (ep->e_flags & NFSEXP_NOHIDE) c = dumpopt(c, "nohide"); if (ep->e_flags & NFSEXP_CROSSMOUNT) diff --git a/utils/exportfs/exports.man b/utils/exportfs/exports.man index 54adfeb..e324ef6 100644 --- a/utils/exportfs/exports.man +++ b/utils/exportfs/exports.man @@ -329,7 +329,9 @@ is off). .\".TP .\".IR link_absolute .\"Leave all symbolic link as they are. This is the default operation. - +.TP +.IR lnfs +This option enables labeled NFS support on the export. .TP .IR mountpoint= path .TP |