[prev in list] [next in list] [prev in thread] [next in thread]
List: linux-nfs
Subject: [PATCH 15/17] Kconfig: Add Kconfig entry for Labeled NFS V4 client
From: Steve Dickson <SteveD () redhat ! com>
Date: 2013-04-29 12:57:17
Message-ID: 1367240239-19326-16-git-send-email-SteveD () redhat ! com
[Download RAW message or body]
From: Steve Dickson <steved@redhat.com>
This patch adds the NFS_V4_SECURITY_LABEL entry which
enables security label support for the NFSv4 client
Signed-off-by: Steve Dickson <steved@redhat.com>
---
fs/nfs/Kconfig | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/fs/nfs/Kconfig b/fs/nfs/Kconfig
index 79c500e..771831d3 100644
--- a/fs/nfs/Kconfig
+++ b/fs/nfs/Kconfig
@@ -107,6 +107,7 @@ config NFS_V4_1
config NFS_V4_2
bool "NFS client support for NFSv4.2"
depends on NFS_V4_1
+ select NFS_V4_SECURITY_LABEL
help
This option enables support for minor version 1 of the NFSv4 protocol
in the kernel's NFS client.
@@ -140,6 +141,24 @@ config NFS_V4_1_IMPLEMENTATION_ID_DOMAIN
If the NFS client is unchanged from the upstream kernel, this
option should be set to the default "kernel.org".
+config NFS_V4_SECURITY_LABEL
+ bool "Provide Security Label support for NFSv4 client"
+ depends on NFS_V4 && SECURITY
+ help
+
+ Say Y here if you want enable fine-grained security label attribute
+ support for NFS version 4. Security labels allow security modules like
+ SELinux and Smack to label files to facilitate enforcement of their policies.
+ Without this an NFSv4 mount will have the same label on each file.
+
+ If you do not wish to enable fine-grained security labels SELinux or
+ Smack policies on NFSv4 files, say N.
+
+ WARNING: there is still a chance of backwards-incompatible protocol changes.
+ For now we recommend "Y" only for developers and testers."
+
+ If unsure, say N.
+
config ROOT_NFS
bool "Root file system on NFS"
depends on NFS_FS=y && IP_PNP
--
1.8.1.4
--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic