Details
-
Bug
-
Resolution: Fixed
-
Minor
-
Lustre 2.5.0, Lustre 2.7.0, Lustre 2.8.0
-
3
-
9223372036854775807
Description
In append_context_for_mount() the SELinux context of the temporary directory is appended to the mount options by
strcat(mop->mo_ldd.ldd_mount_opts, ",context=");
strcat(mop->mo_ldd.ldd_mount_opts, fcontext);
This is incorrect since as mount.8 notes
Warning: the context value might contain commas, in which case the value
has to be properly quoted, otherwise mount(8) will interpret the comma as
a separator between mount options. Don't forget that the shell strips
off quotes and thus double quoting is required. For example:
mount -t tmpfs none /mnt -o 'context="system_u:object_r:tmp_t:s0:c127,c456",noexec'
For more details, see selinux(8).