From owner-freebsd-security@FreeBSD.ORG  Mon Dec  6 01:50:57 2010
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id CF0A71065670;
	Mon,  6 Dec 2010 01:50:57 +0000 (UTC)
	(envelope-from gabor@kovesdan.org)
Received: from server.mypc.hu (server.mypc.hu [87.229.73.95])
	by mx1.freebsd.org (Postfix) with ESMTP id 8C3BC8FC08;
	Mon,  6 Dec 2010 01:50:57 +0000 (UTC)
Received: from server.mypc.hu (localhost [127.0.0.1])
	by server.mypc.hu (Postfix) with ESMTP id D0E9114DD71C;
	Mon,  6 Dec 2010 02:35:29 +0100 (CET)
X-Virus-Scanned: amavisd-new at server.mypc.hu
Received: from server.mypc.hu ([127.0.0.1])
	by server.mypc.hu (server.mypc.hu [127.0.0.1]) (amavisd-new, port 10024)
	with LMTP id bnHJkNSX7WaD; Mon,  6 Dec 2010 02:35:27 +0100 (CET)
Received: from [193.137.158.219] (unknown [193.137.158.219])
	(using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits))
	(No client certificate requested)
	by server.mypc.hu (Postfix) with ESMTPSA id C618B14DD00D;
	Mon,  6 Dec 2010 02:35:26 +0100 (CET)
Message-ID: <4CFC3DE7.2030606@kovesdan.org>
Date: Mon, 06 Dec 2010 01:35:35 +0000
From: Gabor Kovesdan <gabor@kovesdan.org>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; pt-PT;
	rv:1.9.2.12) Gecko/20101027 Thunderbird/3.1.6
MIME-Version: 1.0
To: trustedbsd-discuss@FreeBSD.org, freebsd-security@FreeBSD.org
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Mailman-Approved-At: Mon, 06 Dec 2010 01:59:13 +0000
Cc: 
Subject: problems with MAC labels on files
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Dec 2010 01:50:57 -0000

Hi,

I'm trying to set up an MLS policy but I'm unable to label files. 
Multi-label option is enabled on /, UFS_EXTATTR and 
UFS_EXTATTR_AUTOSTART is in the kernel and the MLS module is loaded.

# uname -a
FreeBSD .localdomain 8.1-RELEASE FreeBSD 8.1-RELEASE #0: Mon Dec  6 
00:20:31 WET 2010     
gabor@.localdomain:/usr/src/sys/i386/compile/GENERIC  i386

# setfmac mls/20:1 test
setfmac: labeling not supported in test

I've read all the documentation and man pages but I cannot find what 
else do I have to do to get it working. Could you please tell what I'm 
missing here?

Thanks in advance,
Gabor Kovesdan