libfuse: pass security context options to kernel

Mount can be used with an "-o context=" option in order to specify a
mountpoint-wide SELinux security context different from the default context
provided by the active SELinux policy.

This is useful in order to enable users to mount multiple sshfs targets under
distinct contexts, which is my main motivation for getting this patch mainlined.

diff --git a/ChangeLog b/ChangeLog
index eeb4db6433fc036cc18865b83a4c62d6d6197739..a9d972de173f544331c7019a245eadbf0ca3acf1 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -7,6 +7,9 @@
 
        * libfuse: fix fs cleanup.  Reported by Eric Wong
 
+       * libfuse: pass security context options to kernel.  Patch by
+       Dalvik Khertel
+
 2013-02-06  Miklos Szeredi <miklos@szeredi.hu>
 
        * libfuse: set close-on-exec flag on pipe file descriptors.  Patch

diff --git a/lib/mount.c b/lib/mount.c
index 6182a17410174ae1da65838f6502d4897ee895ad..01f64da78c56ce37d5ed2f65e02e0fd7bb702469 100644 (file)
--- a/lib/mount.c
+++ b/lib/mount.c
@@ -97,6 +97,10 @@ static const struct fuse_opt fuse_mount_opts[] = {
        FUSE_OPT_KEY("large_read",              KEY_KERN_OPT),
        FUSE_OPT_KEY("blksize=",                KEY_KERN_OPT),
        FUSE_OPT_KEY("default_permissions",     KEY_KERN_OPT),
+       FUSE_OPT_KEY("context=",                KEY_KERN_OPT),
+       FUSE_OPT_KEY("fscontext=",              KEY_KERN_OPT),
+       FUSE_OPT_KEY("defcontext=",             KEY_KERN_OPT),
+       FUSE_OPT_KEY("rootcontext=",            KEY_KERN_OPT),
        FUSE_OPT_KEY("max_read=",               KEY_KERN_OPT),
        FUSE_OPT_KEY("max_read=",               FUSE_OPT_KEY_KEEP),
        FUSE_OPT_KEY("user=",                   KEY_MTAB_OPT),