Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 19 Jul 2017 07:18:03 +0000
From:      bugzilla-noreply@freebsd.org
To:        freebsd-jail@FreeBSD.org
Subject:   [Bug 220712] Extended attributes within a jail cant be set
Message-ID:  <bug-220712-9824-dNPYhmlHiG@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-220712-9824@https.bugs.freebsd.org/bugzilla/>
References:  <bug-220712-9824@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D220712

--- Comment #2 from dewayne@heuristicsystems.com.au ---
(In reply to Mark Millard from comment #1)
Refer to short-term, unsafe (from the SAMBA developers' perspective)
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D220844

Mark, as you've quoted, this was my reply, via the mailing-list to Konstant=
in
(who I have great respect for).

"With the passage of 15 years
other applications have come to use "system" namespace extended
attributes, as though they were in the host system.  Unfortunately if
you have one physical box available to act as both an authentication
server (Quasi Active Directory) and a fileserver, then using a jailed
environment is the only solution.

By design?  I suppose its akin to saying, why would you want to use
sysvipc from within a jail, with its global namespace (since FreeBSD
V5.0) ; or perhaps the use of raw sockets (FreeBSDv6.0); or mount within
a jail (FreeBSD V9.0); or...?
Probably because sophisticated use of jails is one of the many
outstanding features that sets FreeBSD apart from restrictive and
antiquated environments.  Not all features of a base system should be
reflected in a jail, that would be silly; but where upstream
applications use features, then the enhancement of a jail's
configuration via way of, at least, an option - makes sense."

Interestingly the absence of SYSTEM namespace within a jailed environment a=
lso
prohibits use of MAC BIBA|MLS|LOMAC.

--=20
You are receiving this mail because:
You are the assignee for the bug.=

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-220712-9824-dNPYhmlHiG>