Thanks Jeff for the quick response.

Just to clarify. By server mode you mean FSAL for file system

such as xfs that support xattrs, right?

As far as "fsal that has some other way to store the labels", are you

referring to something like glusterfs's new selinux xlator?

https://docs.gluster.org/en/v3/release-notes/3.11.0/

That is, these two are not done yet but can be implemented fairly simply?

glusterfs release notes states that there are two potential clients that

can take advantage of this selinux xlator. One, using gluster native FUSE

client and the other using nfs-ganesha. The native FUSE client would

require fairly complex work in the kernel, which is currently not on anybody's

radar. That's why I was curious if nfs-ganesha can take advantage of this

gluster xlator feature with relative ease.

Thanks again for your help.

-Janak

On Thu, Sep 6, 2018 at 12:31 PM Jeff Layton <jlayton@redhat.com> wrote:

On Thu, 2018-09-06 at 12:00 -0400, Janak Gtri wrote:
> The latest version of nfs-ganesha supports nfs v4.2 protocols. Does that include labeled nfs?
>
> Does FSAL for glusterfs have support to get/set labels (extended attributes such as SELinux context)?

Not yet.

Limited server mode should be fairly simple to implement over any FSAL
that supports xattrs or has some other way to store the labels. Full
mode may eventually be possible but would require some way to request
the FSAL to check labels for us.
--
Jeff Layton <jlayton@redhat.com>