[OCLUG-Tech] SELinux and inode structure??


I am going through several of the SELinux Howtos.  There is a lot of
info, manuals and tutorials out there that I am using.  But one question
remains unanswered.

At the kernel level, what is the relationship between the inode struct
and any SELinux struct or tables?  For example:

]$ ls -l ~/Documents
total 40
drwxrwxr-x.  4 bill bill  4096 2009-07-17 09:30 C
drwxrwxr-x.  3 bill bill  4096 2009-07-19 23:49 emacs
drwxrwxr-x.  2 bill bill  4096 2009-07-07 19:33 HouseHold
drwxr-xr-x.  4 bill bill  4096 2009-07-20 17:45 Personal
-rw-rw-r--   1 bill bill 14356 2009-07-14 15:57 phlegmatic.odt
drwxr-xr-x. 10 bill bill  4096 2009-07-17 20:26 Stuff
drwxr-xr-x.  3 bill bill  4096 2009-07-19 11:06 Work


]$ ls -Z ~/Documents
drwxrwxr-x. bill bill unconfined_u:object_r:user_home_t:s0 C
drwxrwxr-x. bill bill unconfined_u:object_r:user_home_t:s0 emacs
drwxrwxr-x. bill bill unconfined_u:object_r:user_home_t:s0 HouseHold
drwxr-xr-x. bill bill unconfined_u:object_r:user_home_t:s0 Personal
-rw-rw-r--  bill bill ?                                phlegmatic.odt
drwxr-xr-x. bill bill unconfined_u:object_r:user_home_t:s0 Stuff
drwxr-xr-x. bill bill unconfined_u:object_r:user_home_t:s0 Work

When I open a file (in the example above, a directory) obviously(?) the
kernel works its way from the file and/or directory struct to the inode
struct, but what constant or field or function in the inode, directory
or file structures signals the kernel to open/add the SELinux data?

A detailed response is not necessary, if you can give me an outline of
what is happening.

I have seen it mentioned that 'hooks' might be used by SELinux instead,
but if so I can't find an explanation of how they would work or what
event they are tied to.

It would be even better if you can give me some guidance on where to
look or what manual to read.

I have a couple of Linux Kernel books here but nothing seems to answer
this question.

Regards Bill
Fedora 11, Gnome 2.26.3
Evo.2.26.3, Emacs 22.3.1