[OpenAFS-devel] OpenAFS and SELinux

[Kevin]

Hi List-

I saw two threads of discussion on OAFS and SELinux in the -info list
way back in 2003, but nothing in here and nothing in either list
recently.  If I'm off-topic on this subject in this list I apologize.
Someone tell me and I'll go to the other list with this question.

I've read that for a networked file system to be fully controllable by
an SELinux kernel, it must support extended attributes.  Otherwise, I
guess that all of the files under the mounted filesystem have the same
(default) set of SELinux policies and labels and these cannot be adjusted.

Apparently, neither NFS nor CIFS have this as a complete feature set.  I
haven't found anything, though, addressing this issue with OpenAFS?

Can someone here tell me whether OpenAFS supports extended attributes in
this regard and if so, should I expect that OpenAFS networked
filesystems can be fully controlled by an SELinux kernel?

Along the same lines, should I expect any restrictions or limitations
from either an OpenAFS perspective or an SELinux perspective on SELinux
afs servers and/or SELinux afs clients?

Anyone here have that (afs server and client) functionality working with
SELinux now?

Thanks.

-Kevin