mount: make file_t SELinux warning optional and shorter

The patch:

   Commit:  4edebc1486133231e38b3881325c374eda567f74
   Date:    Mon Jun 23 13:00:00 2008 +0200
   Subject: mount: warn on "file_t" selinux context

introduces a new warning. This warning should be shorter and optional
-- it means visible in verbose mode only.

Signed-off-by: Karel Zak <kzak@redhat.com>

diff --git a/mount/mount.c b/mount/mount.c
index 9a78e9f0a15b282c92a309c8a3cc188c69108b0a..8527b44805a08edcacd8e3f2bbae77a4c9e248cf 100644 (file)
--- a/mount/mount.c
+++ b/mount/mount.c
@@ -1372,7 +1372,7 @@ try_mount_one (const char *spec0, const char *node0, const char *types0,
  out:
 
 #ifdef HAVE_LIBSELINUX
-  if (res != EX_FAIL && is_selinux_enabled() > 0) {
+  if (res != EX_FAIL && verbose && is_selinux_enabled() > 0) {
       security_context_t raw = NULL, def = NULL;
 
       if (getfilecon(node, &raw) > 0 &&
@@ -1383,10 +1383,8 @@ try_mount_one (const char *spec0, const char *node0, const char *types0,
                    "       You just mounted an file system that supports labels which does not\n"
                    "       contain labels, onto an SELinux box. It is likely that confined\n"
                    "       applications will generate AVC messages and not be allowed access to\n"
-                   "       this file system.  You can add labels to this file system by executing\n"
-                   "       restorecon(8). If you do not want to add labels to this file system,\n"
-                   "       you should mount the file system using one of the \"context\" mount\n"
-                   "       option."), node);
+                   "       this file system.  For more details see restorecon(8) and mount(8).\n"),
+                   node);
       }
       freecon(raw);
       freecon(def);