> > + slabel=<internally encoded label | none>
> > + This property is used with Trusted Extensions. This is
> > + the internal encoding of a sensitivity label (also called
> > + a hex label). (See label_to_str(3tsol), label_encodings(4),
> > + hextoalabel(1M), atohexlabel(1M).) At mount time, this label
> > + must match that of the zone where the dataset is being mounted,
> > + or the mount fails.
>
>
> I'm happy with everything in this case except that the user interface to
> setting the property requires the use of an internally encoded label,
> I'm happy with allowing it. This seems really unfortunate that we can't
> just do:
>
> zfs set slabel=public tank/foo
Gosh I overlooked that in ensuring what was on disk was an
internally formatted label string. Indeed I agree, there
should be no reason to require the admin to enter a atohexlabel,
or for the system to display an internally formatted label.
The point is to not have the kernel have to deal with translating
human readable labels, likely before the label service is up.
I'll ask the project team about this all later today when I meet
with them.
Gary..
