From owner-freebsd-pkg@freebsd.org Sat Jul 4 20:11:02 2020 Return-Path: Delivered-To: freebsd-pkg@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id EFD8335763B for ; Sat, 4 Jul 2020 20:11:02 +0000 (UTC) (envelope-from bapt@FreeBSD.org) Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id 49zjdL67Kbz462s for ; Sat, 4 Jul 2020 20:11:02 +0000 (UTC) (envelope-from bapt@FreeBSD.org) Received: by mailman.nyi.freebsd.org (Postfix) id D2419357724; Sat, 4 Jul 2020 20:11:02 +0000 (UTC) Delivered-To: pkg@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id D208A357257 for ; Sat, 4 Jul 2020 20:11:02 +0000 (UTC) (envelope-from bapt@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 49zjdL57g2z460c; Sat, 4 Jul 2020 20:11:02 +0000 (UTC) (envelope-from bapt@FreeBSD.org) Received: from ivaldir.etoilebsd.net (etoilebsd.net [178.32.217.76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) (Authenticated sender: bapt) by smtp.freebsd.org (Postfix) with ESMTPSA id 7CC7A2F9E2; Sat, 4 Jul 2020 20:11:02 +0000 (UTC) (envelope-from bapt@FreeBSD.org) Received: by ivaldir.etoilebsd.net (Postfix, from userid 1001) id 7DCCABF9E5; Sat, 4 Jul 2020 22:11:00 +0200 (CEST) Date: Sat, 4 Jul 2020 22:11:00 +0200 From: Baptiste Daroussin To: Shawn Webb Cc: pkg@freebsd.org, dev@hardenedbsd.org Subject: Re: Filesystem extended attributes support Message-ID: <20200704201100.lkcde42gtlgspwpr@ivaldir.net> References: <20200704141345.xwdf2ckxak2hfpkh@mutt-hbsd> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="ythx3b2ijyq52wix" Content-Disposition: inline In-Reply-To: <20200704141345.xwdf2ckxak2hfpkh@mutt-hbsd> X-BeenThere: freebsd-pkg@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Binary package management and package tools discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 04 Jul 2020 20:11:03 -0000 --ythx3b2ijyq52wix Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Jul 04, 2020 at 10:13:45AM -0400, Shawn Webb wrote: > Hey FreeBSD pkg(8) developers, >=20 > Attached is a patch that implements filesystem extended attributes > support. Only the system namespace is supported. In case the patch > gets scrubbed from this email, I've posted it here: > https://gist.github.com/d0b4653bc5942dbcdcd1db877d37c2dc >=20 > Anyone who wants to write unit tests is welcomed to do so. >=20 > This patch to pkg does depend on a separate patch to libarchive: > https://github.com/libarchive/libarchive/pull/1409 >=20 > HardenedBSD has a separate patch to tmpfs that enables incredibly > basic extended attribute support. The tmpfs patch is only needed for > those who use tmpfs with poudriere. >=20 > And finally, another patch to the jails subsystem that allows a > privileged user within a jail to set system namespace filesystem > extended attributes (disabled by default) is needed for poudriere > users. >=20 > The patch to tmpfs and jails is not included here as they are > tangential. Thank you for the patch at quick glance it looks fine to me. I would have obviously to wait for libarchive to merge the patch first to be able to tes= t it and do a proper review at the time. Don't hesitate to ping me again if you see no progress with libarchive has merged the said patch. I would have to rework it a bit probably: - Add a configure detection of the fact libarchive does or not have the necessary support - Add regression tests to ensure I don't break this in the future. - Maybe add an option to enable/disable it via pkg.conf (not sure yet about that ;)) Best regards, Bapt --ythx3b2ijyq52wix Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEgOTj3suS2urGXVU3Y4mL3PG3PloFAl8A4lQACgkQY4mL3PG3 PlqxSBAAyjWHbnGj8IOp3ygToRxcry3lu7sWAVZDiZCgHtkDxqa4oB8E8HUbOa+V fu1zQEYafII4ovthY60pN2IbYWERiurEFbnrDA4Si3Q8Ewf7VWDPUuEJHf4t55NC QyeyPuqLIB5apvxSSkCeOb6WNmqx2HEi201YfoEmvuIu/fykHF2Ch638fUy1xWbC YikkuN5gIinXkh5uJOx7m0WwlJx90/HPV1fkX0ODHSvoCS5T8tRZC4uGx3QVayUP yZ0vcwjCIlcrC15inrMMVA1KFxafORMs7vl9/E6ksmzsYIrUMGbqPpd4DdqI5xhk GfrOHABjswRlAcLsHm3qx8EMYOjOrmALge+DlbSzgMIyprstCCfIh6Qtgik0i6PH C+AYTQFiJp8tbBpgZFabbtrncmQd/Rj0CC3j+ALksXSZW5MtLbcE0+hu9dZeCFTq eHdNywGJ8xkOmIsHJyjz9iLe0Rl3QNwxsSLs/ZwxVBq/MWoIg/qXMgf9RgnyHLvE N/UhLWmjkt0CbEJG65Shn1m21dEXpDj7YTHWN8hciyiHzCMyCkVBZJ+mwPOctvp7 7yGIldgtKSTmBeOBRjprIAcymuG63uwsENTH4rUQNpyOfbTfSPC4h1v75mZq1WVc Rs14zbiGQDcb/8/lgSeo9hT8NFMAlgl3Y4IZKXfiGeXZUtguOZ4= =zRys -----END PGP SIGNATURE----- --ythx3b2ijyq52wix--