On Fri, 2004-10-08 at 13:29 -0400, Stephen Smalley wrote:
On Fri, 2004-10-08 at 13:23, Justin Conover wrote:
Is there any downside to running xfs with selinux?
I'm just testing(playing) with test2 and I was thinking of using lvm/xfs/selinux. Choosing xfs because it is a good fs and easier to grow online than ext3. Plus I'm just testing :)
We haven't tried xfs with SELinux ourselves, but it _should_ work. Please report any problems. It has xattr handlers for the security namespace. There was an earlier problem with xfs preventing SELinux from internally accessing the xattrs, but I believe that has been fixed.
The one catch is to use a larger inode size; 512 should be sufficient. XFS stores the xattr in the inode if there's enough space in it. Otherwise it has to allocate a whole block to store the xattr, which incurs a performance penalty and a waste of space. The default size (256) isn't big enough for the context. So when you mkfs, add -i size=512 to the command line options.