Redux: PSARC/2009/348 Security Labels for ZFS
Ric Aleshire
ric.aleshire at sun.com
Wed Jun 10 11:01:47 PDT 2009
Scott Rotondo wrote:
>
>>
>> When mounting into the global zone proper, the mount will fail
>> if the dataset has any label other than the default ("none") or
>> admin_high/admin_low. No automatic property setting is
>> performed for any mounts into the global zone.
>
> It sounds like there are 3 different values for this property that
> have exactly the same effect. Is there any difference in semantics
> among these?
>
> - slabel=none (or attribute not present)
> - slabel=admin_low
> - slabel=admin_high
>
> If there is no difference, I suggest that there is no reason to store
> the latter two. The zfs set command could accept those values and
> convert them to none, if desired.
>
> Scott
The latter two will prevent the dataset from being mounted in any
labeled zone.
Currently there would be no behavioral distinction between admin_low
and admin_high zfs labels. However, after zfs labels are established by
this case, the implementation of the getlabel interfaces, introduced by
2005/723, will be modified to take advantage of the zfs property. I
anticipate that will result in the ability to loopback-mount admin_low
datasets into labeled zones, which would be appropriate.
-Ric