[Gluster-devel] RFC: FUSE kernel features to be adopted by GlusterFS
Csaba Henk
chenk at redhat.com
Fri Nov 10 18:59:33 UTC 2017
On Fri, Nov 10, 2017 at 10:40 AM, Niels de Vos <ndevos at redhat.com> wrote:
> On Thu, Nov 09, 2017 at 06:01:10PM -0500, Jeff Darcy wrote:
>> > So - nothing inherent to libfuse and nothing that would be relevant as
>> > of today.
>> >
>> > But then, let me put it like this: what reason could we have to *not* go
>> > with xglfs in 4.0? It's true that the deliverables are present in libfuse
>> > and
>> > libgfapi and it's just a thin glue. As such it seems to be almost devoid
>> > of design concerns, it just bridges the two interfaces in a
>> > straightforward manner. Superficially it seems to be a superior approach
>> > - what snag holds us back to embrace it wholeheartedly?
>>
>> What about https://review.gluster.org/#/c/3341/ and its antecedents?
>> Libfuse used to be unable to deal with SELinux's behavior of trying to
>> issue a getxattr from within the mount call. Have either libfuse or
>> SELinux fixed that? There might be other local changes that we'd need
>> to verify in similar fashion.
>
> The FUSE kernel module reverted patches that made it support SELinux.
> Currently no FUSE filesystem can support SELinux :-(
>
> There has been some work done through
> https://bugzilla.redhat.com/1272868 , but we need to spend more time on
> it to get the kernel work functional. IIRC it needs some changes in the
> SELinux part, VFS-hooks and FUSE. Once that is in place, we can see how
> it works together with the selinux-policy, our fuse implementation and
> libfuse.
Also, apart from aforementioned work in general VFS scope, Brian Foster
proposed some kernel patches for fuse, but he did not take it as far as to
get it merged. See mail "[PATCH v2 0/3] fuse: support selinux extended
attributes"
on fuse-devel,
http://fuse.996288.n3.nabble.com/PATCH-v2-0-3-fuse-support-selinux-extended-attributes-tt11871.html
Csaba
More information about the Gluster-devel
mailing list