From nobody Mon Aug 28 06:03:33 2023
X-Original-To: current@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4RZ0Nn4ZKkz4qsqV
	for <current@mlmmj.nyi.freebsd.org>; Mon, 28 Aug 2023 06:03:37 +0000 (UTC)
	(envelope-from felix@palmen-it.de)
Received: from stef.palmen-it.de (stef.palmen-it.de [IPv6:2001:470:1f0b:bbb:1::1])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mx1.freebsd.org (Postfix) with ESMTPS id 4RZ0Nm3Hyxz4Xk5
	for <current@freebsd.org>; Mon, 28 Aug 2023 06:03:36 +0000 (UTC)
	(envelope-from felix@palmen-it.de)
Authentication-Results: mx1.freebsd.org;
	dkim=pass header.d=palmen-it.de header.s=20200414 header.b=mBcAHffY;
	spf=pass (mx1.freebsd.org: domain of felix@palmen-it.de designates 2001:470:1f0b:bbb:1::1 as permitted sender) smtp.mailfrom=felix@palmen-it.de;
	dmarc=none
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=palmen-it.de; s=20200414; h=In-Reply-To:Content-Type:MIME-Version:
	References:Message-ID:Subject:To:From:Date:Sender:Reply-To:Cc:
	Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:
	Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id:
	List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive;
	bh=EvA5wYs8QbKShfHp14Dvy49/1G1DHM9sK7LVBjqpt9Q=; b=mBcAHffYjxOKjbmjtNYmAtWGOo
	04MNhvfVcmAU3wZQJ0Uzn7lGQZqPTp418z2wAcxktt/8cfF8DK0BUkmD/QiivsjG4jE8oy9A1thlO
	pXinEEDsSzwMZMEQgX0C4S6ZfWRNDpIsOaTmWmb0Uk2OKvNCdzUBnrRyCdNsN35PyDgrplVpKV3lF
	xlmYKLxPzJKiDQ2uecbYdA/Pc1icyyR6cOxXT76FqC6NhCoPJxr6TMX+sXV5dsBWEQothsyuNRFi0
	a6jDf9eOSE4ATDfKd5tSTJc7rFVvnEpZrb4YM8S07ZjWxnSsqelW5PltZggF3uxSIXKC2hU+qD/B3
	qnrNOYgA==;
Received: from [192.168.71.101] (helo=mail.home.palmen-it.de)
	by stef.palmen-it.de with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <felix@palmen-it.de>)
	id 1qaVLa-00B3JI-5S
	for current@freebsd.org; Mon, 28 Aug 2023 08:03:34 +0200
Received: from nexus.home.palmen-it.de ([192.168.99.2])
	by mail.home.palmen-it.de with esmtpsa  (TLS1.3) tls TLS_CHACHA20_POLY1305_SHA256
	(Exim 4.96 (FreeBSD))
	(envelope-from <felix@palmen-it.de>)
	id 1qaVLZ-000K3g-39
	for current@freebsd.org;
	Mon, 28 Aug 2023 06:03:33 +0000
Date: Mon, 28 Aug 2023 08:03:33 +0200
From: Felix Palmen <zirias@freebsd.org>
To: current@freebsd.org
Subject: Re: Possible issue with linux xattr support?
Message-ID: <elx6cvceobzgw66fskkfhhicsdpsur5xaktluu5tk7m7p4qwno@s7qmm4kyuvag>
Mail-Followup-To: current@freebsd.org
X-Face: /1K@t"h.}e~pR@]c7HorQ!T`F^RJ<!xiU\\+>Ca'BCr#e>IKA{>C/9OTGB4|xh"y2{?1Z5M
 i2w"AH^pN_LlHR^{+f',_Np~;.B;!M/bL}*qk]p5*r7F5vW};{:@4u5S?T&f0$7BJ-71Q5SV]:v$`5
 A0[DZ:=?S52x8HJ~5@^P_\T@MsjG{R(
Organization: FreeBSD.org
References: <wngyoks3jy5wjrbv6tlqhv3g4jyu7z4s2broo7qcpit7iebawc@fbfb5iidxtp2>
 <3q2k3tje2ig2s6wzy4hzvjmoyejiecminvcvevivumtukxrgki@btnpjbztyfa6>
 <ZOuNvisMH_GXHHX2@heemeyer.club>
 <pzu4sxp4wvfpn3mzzo2giw3otvg6z5ewia6rr2tdgpkjurfcfe@aat2k6ywm6jm>
 <ZOuoH6Llw8PKgMJQ@heemeyer.club>
 <wuwg3egv3rilgfaa5hor47v3yjwzvxlt5krj4la4wvugcnhkg3@vgrtgfr7rc6i>
 <EA27BAE1-C687-47F9-BB6D-B72A85A5CA8D@cschubert.com>
List-Id: Discussions about the use of FreeBSD-current <freebsd-current.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-current
List-Help: <mailto:freebsd-current+help@freebsd.org>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Subscribe: <mailto:freebsd-current+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-current+unsubscribe@freebsd.org>
Sender: owner-freebsd-current@freebsd.org
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
	protocol="application/pgp-signature"; boundary="zeqnf7mgns3c4mnu"
Content-Disposition: inline
In-Reply-To: <EA27BAE1-C687-47F9-BB6D-B72A85A5CA8D@cschubert.com>
User-Agent: NeoMutt/20230517
X-Spamd-Result: default: False [-6.50 / 15.00];
	DWL_DNSWL_MED(-2.00)[palmen-it.de:dkim];
	SIGNED_PGP(-2.00)[];
	NEURAL_HAM_LONG(-1.00)[-1.000];
	SUBJECT_ENDS_QUESTION(1.00)[];
	NEURAL_HAM_MEDIUM(-1.00)[-1.000];
	NEURAL_HAM_SHORT(-1.00)[-1.000];
	MID_RHS_NOT_FQDN(0.50)[];
	RCVD_DKIM_ARC_DNSWL_MED(-0.50)[];
	FORGED_SENDER(0.30)[zirias@freebsd.org,felix@palmen-it.de];
	R_DKIM_ALLOW(-0.20)[palmen-it.de:s=20200414];
	MIME_GOOD(-0.20)[multipart/signed,text/plain];
	RCVD_IN_DNSWL_MED(-0.20)[2001:470:1f0b:bbb:1::1:from];
	R_SPF_ALLOW(-0.20)[+ip6:2001:470:1f0b:bbb:1::1:c];
	TO_MATCH_ENVRCPT_ALL(0.00)[];
	RCVD_VIA_SMTP_AUTH(0.00)[];
	RCPT_COUNT_ONE(0.00)[1];
	DMARC_NA(0.00)[freebsd.org];
	MLMMJ_DEST(0.00)[current@freebsd.org];
	FROM_HAS_DN(0.00)[];
	TO_DOM_EQ_FROM_DOM(0.00)[];
	RCVD_COUNT_TWO(0.00)[2];
	HAS_ORG_HEADER(0.00)[];
	TO_DN_NONE(0.00)[];
	ARC_NA(0.00)[];
	DKIM_TRACE(0.00)[palmen-it.de:+];
	ASN(0.00)[asn:6939, ipnet:2001:470::/32, country:US];
	MIME_TRACE(0.00)[0:+,1:+,2:~];
	FROM_NEQ_ENVFROM(0.00)[zirias@freebsd.org,felix@palmen-it.de];
	RCVD_TLS_ALL(0.00)[]
X-Spamd-Bar: ------
X-Rspamd-Queue-Id: 4RZ0Nm3Hyxz4Xk5


--zeqnf7mgns3c4mnu
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

* Cy Schubert <Cy.Schubert@cschubert.com> [20230827 16:59]:
> On August 27, 2023 12:55:23 PM PDT, Felix Palmen <zirias@freebsd.org> wro=
te:
> >* Dmitry Chagin <dchagin@freebsd.org> [20230827 22:46]:
> >> On Sun, Aug 27, 2023 at 07:59:32PM +0200, Felix Palmen wrote:
> >> > * Dmitry Chagin <dchagin@freebsd.org> [20230827 20:54]:
> >> > > 1. which fs are you using?
> >> >=20
> >> > ZFS.
> >> >=20
> >> > > 2. jailed?
> >> >=20
> >> > Yes, this is during building ports with poudriere.
> >> >=20
> >>=20
> >> I think it's a weird prohibition on changing system namespace extattr
> >> attributes, look to comments in extattr_check_cred()
> >
> >Maybe that's when I should finally start trying to understand the stuff
> >in src.git ;)
> >
> >> I can fix this completely disabling exttatr for jailed proc,
> >> however, it's gonna be bullshit, though
> >
> >Would probably be better than nothing. AFAIK, "Linux jails" are used a
> >lot, probably with userlands from distributions actually using xattr.
> >
> >Cheers, Felix
> >
>=20
> If we are to break it to fix a problem, maybe a sysctl to enable/disable =
then?

IMHO depends on the exact nature of the problem. If it's confirmed that
it (always and only) breaks for jailed processes, just disabling it for
them would be the better workaround. "No-op" calls won't break anything.

Cheers, Felix

--=20
 Felix Palmen <zirias@FreeBSD.org>     {private}   felix@palmen-it.de
 -- ports committer --                     {web}  http://palmen-it.de
 {pgp public key}  http://palmen-it.de/pub.txt
 {pgp fingerprint} 6936 13D5 5BBF 4837 B212  3ACC 54AD E006 9879 F231

--zeqnf7mgns3c4mnu
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iNUEABYKAH0WIQRpNhPVW79IN7ISOsxUreAGmHnyMQUCZOw4r18UgAAAAAAuAChp
c3N1ZXItZnByQG5vdGF0aW9ucy5vcGVucGdwLmZpZnRoaG9yc2VtYW4ubmV0Njkz
NjEzRDU1QkJGNDgzN0IyMTIzQUNDNTRBREUwMDY5ODc5RjIzMQAKCRBUreAGmHny
MYTGAQDcB6S61dTPBD+XCjVfiTR15y72nlAPccUBxZ0FPYCy5QEA9pGCSpEABkgK
k//b96yULmTQ4lRFIN71tLFyMwvQXA0=
=jWCP
-----END PGP SIGNATURE-----

--zeqnf7mgns3c4mnu--