From owner-freebsd-fs Mon Apr 10 11:39:35 2000 Delivered-To: freebsd-fs@freebsd.org Received: from ewok.creative.net.au (fuzzy.aussie.com.au [203.30.44.82]) by hub.freebsd.org (Postfix) with SMTP id 18B5F37BCCF for ; Mon, 10 Apr 2000 11:39:25 -0700 (PDT) (envelope-from freebsd@ewok.creative.net.au) Received: (qmail 20709 invoked by uid 1008); 10 Apr 2000 18:39:20 -0000 Date: Tue, 11 Apr 2000 02:39:20 +0800 From: Adrian Chadd To: Robert Watson Cc: freebsd-fs@freebsd.org Subject: Re: file system extended attributes support Message-ID: <20000411023919.A20569@ewok.creative.net.au> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.4i In-Reply-To: ; from Robert Watson on Mon, Apr 10, 2000 at 01:39:41AM -0400 Sender: owner-freebsd-fs@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, Apr 10, 2000, Robert Watson wrote: > > As part of the supporting code base for a number of security-related > projects on FreeBSD, I've hacked up extended attribute support for > FreeBSD. This allows arbitrary named attributes to be associated with > each inode, maintained by the kernel. In December, I committed APIs > associated with this code to the FreeBSD repository, and now after a few > months of testing and use, I'd like to commit the code itself to the repo. > Doing so will facilitate the further development of a number of > security-related projects, including the TrustedBSD MAC, ACL, and > Capability support, as well as third party security code such as the > NAI/TIS Labs FreeDTE code. > > This code is similar to the Quota code, in that it stores attributes in > backing files in the file system (or in another file system), and may be > enabled per-FFS partition. My feeling is that this approach allows > maximum flexibility at this point in the life cycle of FreeBSD in terms of > VFS maturity. As the support for stacked file systems matures, I'd be > willing to reconsider the manner in which this is implemented. > > The current version of the code, diff'd from the main repo a few days ago > on the 5.0-CURRENT (head) branch, is available for download at: > > http://www.trustedbsd.org/downloads/ > > It contains a great deal of #ifdef'd debugging code, but also contains > some utilities that can be experimented with. I recommend reading the > extattrctl man page first. The excessive debugging code will be stripped > before committing, and once I'm confident that it works for more than just > the four or five people who've used it thus far :-). I've looked at this and although I haven't tried it, it looks nice. The last time I looked at it the debugging code needed a little sanity. I'll deal with you as I move forward on the VFS stacking layer stuff. Adrian To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-fs" in the body of the message