On Mon, Jan 16, 2017 at 12:08 AM, <sf...@users.sourceforge.net> wrote: > > Arun Chandran: >> This happens because aufs handles removal of files through newly >> created file "layer1/.wh..wh.aufs"(I am guessing this from the below >> printk), as this file got created during the mount operation it is >> labeled as "_" > > Still I don't get the point. > Would you try these steps? I want to know what will happen on layer1. > > cd ./layer1 >> .wh..wh.aufs (if it doesn't exist) > ln .wh..wh.aufs .wh.0.txt > > --------------------------------------------- Files in the layers before mounting ---------------------------------------------- # for i in `find layer* `; do chsmack $i; done layer0 access="k1" layer0/0.txt access="k1" layer1 access="k1" layer1/1.txt access="k1"
------------------------------------------------------------ Given below are the files I can see in the layers after doing aufs mount of layer0 and layer1 to rootfs_mnt. Please note that I am running as a normal user 'test'. ------------------------------------------------------------ # find layer* layer0 layer0/0.txt layer1 layer1/1.txt layer1/.wh..wh.aufs layer1/.wh..wh.plnk find: layer1/.wh..wh.plnk: Permission denied layer1/.wh..wh.orph find: layer1/.wh..wh.orph: Permission denied ------------------------------------------------------- Now printing their individual smack labels -------------------------------------------------------- # for i in `find layer* `; do chsmack $i; done find: layer1/.wh..wh.plnk: Permission denied find: layer1/.wh..wh.orph: Permission denied layer0 access="k1" layer0/0.txt access="k1" layer1 access="k1" layer1/1.txt access="k1" layer1/.wh..wh.aufs access="_" --------------> These meta data files are labelled "_" layer1/.wh..wh.plnk access="_" layer1/.wh..wh.orph access="_" # mounting layer0 and layer1 to rootfs_mnt is done in a root terminal with the command 'mount -t aufs -o br=./layer1=rw:./layer0=ro -o udba=reval -o smackfsroot=k1 none ./rootfs_mnt' Am I clear now? >> In short words, what I am looking is a mount option like this >> "aufs_meta_files_def_smack_label=k1" :). >> Could you please give me pointer to how to implement such an option? > > What will this option does? This option will chose the supplied smack label (k1) for the newly created aufs meta data files. In my case you can see the aufs meta data files (.wh..*.*) are labelled as "_". [This is happening because new objects get the label of subject. These files are created while mounting as a root user. The smack label for root user is "_". ] --Arun ------------------------------------------------------------------------------ Developer Access Program for Intel Xeon Phi Processors Access to Intel Xeon Phi processor-based developer platforms. With one year of Intel Parallel Studio XE. Training and support from Colfax. Order your platform today. http://sdm.link/xeonphi
