From owner-freebsd-fs Sun Apr 9 22:39:47 2000 Delivered-To: freebsd-fs@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id 7D85B37B742 for ; Sun, 9 Apr 2000 22:39:43 -0700 (PDT) (envelope-from robert@cyrus.watson.org) Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.9.3/8.9.3) with SMTP id BAA11057 for ; Mon, 10 Apr 2000 01:39:42 -0400 (EDT) (envelope-from robert@cyrus.watson.org) Date: Mon, 10 Apr 2000 01:39:41 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org Reply-To: Robert Watson To: freebsd-fs@freebsd.org Subject: file system extended attributes support Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-fs@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org As part of the supporting code base for a number of security-related projects on FreeBSD, I've hacked up extended attribute support for FreeBSD. This allows arbitrary named attributes to be associated with each inode, maintained by the kernel. In December, I committed APIs associated with this code to the FreeBSD repository, and now after a few months of testing and use, I'd like to commit the code itself to the repo. Doing so will facilitate the further development of a number of security-related projects, including the TrustedBSD MAC, ACL, and Capability support, as well as third party security code such as the NAI/TIS Labs FreeDTE code. This code is similar to the Quota code, in that it stores attributes in backing files in the file system (or in another file system), and may be enabled per-FFS partition. My feeling is that this approach allows maximum flexibility at this point in the life cycle of FreeBSD in terms of VFS maturity. As the support for stacked file systems matures, I'd be willing to reconsider the manner in which this is implemented. The current version of the code, diff'd from the main repo a few days ago on the 5.0-CURRENT (head) branch, is available for download at: http://www.trustedbsd.org/downloads/ It contains a great deal of #ifdef'd debugging code, but also contains some utilities that can be experimented with. I recommend reading the extattrctl man page first. The excessive debugging code will be stripped before committing, and once I'm confident that it works for more than just the four or five people who've used it thus far :-). Thanks, Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-fs" in the body of the message