On Mon, Mar 19, 2012 at 15:03, Thierry Reding <[email protected]> wrote: > * Daniel J Walsh wrote: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> On 03/19/2012 07:59 AM, Thierry Reding wrote: >> > * Kay Sievers wrote: >> >> On Sat, Mar 17, 2012 at 15:14, Koen Kooi >> >> <[email protected]> wrote: >> >>> >> >>> Op 16 mrt. 2012, om 02:40 heeft Lennart Poettering het volgende >> >>> geschreven: >> >>> >> >>>> Heya, >> >>>> >> >>>> this is primarily a bugfix release (but does include a couple >> >>>> of new things) and might be very likely the version we'll >> >>>> ship in Fedora 17, unless there's some unforeseen bigger bug >> >>>> left to be fixed. >> >>>> >> >>>> http://cgit.freedesktop.org/systemd/systemd/plain/NEWS >> >>>> http://www.freedesktop.org/software/systemd/systemd-44.tar.xz >> >>> >> >>> >> >>>> >> I get the following error and warnings when crosscompiling for arm: >> >>> >> >>> | src/journal/journald.c: In function 'process_event': | >> >>> src/journal/journald.c:2147:49: error: 'PAGE_SIZE' undeclared >> >>> (first use in this function) >> >> >> >> PATH_MAX might be simpler to use here. >> > >> > Exactly how long are SELinux labels allowed to be? I couldn't find >> > any related constants in any of the headers on my system. >> > Alternatively, maybe a more portable way would be to use >> > sysconf(_SC_PAGESIZE) here? >> >> Right now they are unlimited, but we are having discussions with >> upstream about potentially picking a limit of around 2k. > > What is the time frame for this? > >> I have been able to generate a worse case label of just over 5k, in >> userspace, but this would be limited to around 2k if coming from the >> kernel. >> >> In NON-MlS world, SELinux labels would never be longer then 100 chars. > > In the meantime maybe some constant known to be an absolute maximum should be > chosen. I don't know if the typical page-size of 4K would be enough given > that you've been able to generate one that is larger. 8K on the other hand > seems way too much.
It used to be NAME_MAX 255 in the past, in earlier days of selinux/audit userspace, I think. If longer names should be supported, PATH_MAX 4096 sounds good to me. If it should be crazy large, XATTR_SIZE_MAX 65536 seems to define the upper limit anyway. :) Kay _______________________________________________ systemd-devel mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/systemd-devel
