On 2021-02-05 12:01:55, Tyler Hicks wrote:
> On 2020-10-30 09:00:35, Mark Salyzyn wrote:
> > On 10/30/20 8:07 AM, Miklos Szeredi wrote:
> > > On Wed, Oct 21, 2020 at 5:19 PM Mark Salyzyn wrote:
> > > > Because of the overlayfs getxattr recursion, the incoming inode fails
> > > > to update the
On 2020-10-30 09:00:35, Mark Salyzyn wrote:
> On 10/30/20 8:07 AM, Miklos Szeredi wrote:
> > On Wed, Oct 21, 2020 at 5:19 PM Mark Salyzyn wrote:
> > > Because of the overlayfs getxattr recursion, the incoming inode fails
> > > to update the selinux sid resulting in avc denials being reported
> >
On 10/30/20 8:07 AM, Miklos Szeredi wrote:
On Wed, Oct 21, 2020 at 5:19 PM Mark Salyzyn wrote:
Because of the overlayfs getxattr recursion, the incoming inode fails
to update the selinux sid resulting in avc denials being reported
against a target context of u:object_r:unlabeled:s0.
Solution
On Wed, Oct 21, 2020 at 5:19 PM Mark Salyzyn wrote:
>
> Because of the overlayfs getxattr recursion, the incoming inode fails
> to update the selinux sid resulting in avc denials being reported
> against a target context of u:object_r:unlabeled:s0.
>
> Solution is to respond to the
Because of the overlayfs getxattr recursion, the incoming inode fails
to update the selinux sid resulting in avc denials being reported
against a target context of u:object_r:unlabeled:s0.
Solution is to respond to the XATTR_NOSECURITY flag in get xattr
method that calls the __vfs_getxattr
5 matches
Mail list logo