libfuse: pass security context options to kernel

Mount can be used with an "-o context=" option in order to specify a mountpoint-wide SELinux security context different from the default context provided by the active SELinux policy. This is useful in order to enable users to mount multiple sshfs targets under distinct contexts, which is my main motivation for getting this patch mainlined.
libfuse · Feb 8, 2013 · c52cafc · c52cafc · rhatdan · Apr 12, 2016
1 parent c66e7f4
commit c52cafc
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 0 deletions.
diff --git a/ChangeLog b/ChangeLog
@@ -7,6 +7,9 @@
 
 	* libfuse: fix fs cleanup.  Reported by Eric Wong
 
+	* libfuse: pass security context options to kernel.  Patch by
+	Dalvik Khertel
+
 2013-02-06  Miklos Szeredi <miklos@szeredi.hu>
 
 	* libfuse: set close-on-exec flag on pipe file descriptors.  Patch

diff --git a/lib/mount.c b/lib/mount.c
@@ -97,6 +97,10 @@ static const struct fuse_opt fuse_mount_opts[] = {
 	FUSE_OPT_KEY("large_read",		KEY_KERN_OPT),
 	FUSE_OPT_KEY("blksize=",		KEY_KERN_OPT),
 	FUSE_OPT_KEY("default_permissions",	KEY_KERN_OPT),
+	FUSE_OPT_KEY("context=",		KEY_KERN_OPT),
+	FUSE_OPT_KEY("fscontext=",		KEY_KERN_OPT),
+	FUSE_OPT_KEY("defcontext=",		KEY_KERN_OPT),
+	FUSE_OPT_KEY("rootcontext=",		KEY_KERN_OPT),
 	FUSE_OPT_KEY("max_read=",		KEY_KERN_OPT),
 	FUSE_OPT_KEY("max_read=",		FUSE_OPT_KEY_KEEP),
 	FUSE_OPT_KEY("user=",			KEY_MTAB_OPT),