Date: Mon, 28 Aug 2023 08:03:33 +0200 From: Felix Palmen <zirias@freebsd.org> To: current@freebsd.org Subject: Re: Possible issue with linux xattr support? Message-ID: <elx6cvceobzgw66fskkfhhicsdpsur5xaktluu5tk7m7p4qwno@s7qmm4kyuvag> In-Reply-To: <EA27BAE1-C687-47F9-BB6D-B72A85A5CA8D@cschubert.com> References: <wngyoks3jy5wjrbv6tlqhv3g4jyu7z4s2broo7qcpit7iebawc@fbfb5iidxtp2> <3q2k3tje2ig2s6wzy4hzvjmoyejiecminvcvevivumtukxrgki@btnpjbztyfa6> <ZOuNvisMH_GXHHX2@heemeyer.club> <pzu4sxp4wvfpn3mzzo2giw3otvg6z5ewia6rr2tdgpkjurfcfe@aat2k6ywm6jm> <ZOuoH6Llw8PKgMJQ@heemeyer.club> <wuwg3egv3rilgfaa5hor47v3yjwzvxlt5krj4la4wvugcnhkg3@vgrtgfr7rc6i> <EA27BAE1-C687-47F9-BB6D-B72A85A5CA8D@cschubert.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--zeqnf7mgns3c4mnu
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
* Cy Schubert <Cy.Schubert@cschubert.com> [20230827 16:59]:
> On August 27, 2023 12:55:23 PM PDT, Felix Palmen <zirias@freebsd.org> wro=
te:
> >* Dmitry Chagin <dchagin@freebsd.org> [20230827 22:46]:
> >> On Sun, Aug 27, 2023 at 07:59:32PM +0200, Felix Palmen wrote:
> >> > * Dmitry Chagin <dchagin@freebsd.org> [20230827 20:54]:
> >> > > 1. which fs are you using?
> >> >=20
> >> > ZFS.
> >> >=20
> >> > > 2. jailed?
> >> >=20
> >> > Yes, this is during building ports with poudriere.
> >> >=20
> >>=20
> >> I think it's a weird prohibition on changing system namespace extattr
> >> attributes, look to comments in extattr_check_cred()
> >
> >Maybe that's when I should finally start trying to understand the stuff
> >in src.git ;)
> >
> >> I can fix this completely disabling exttatr for jailed proc,
> >> however, it's gonna be bullshit, though
> >
> >Would probably be better than nothing. AFAIK, "Linux jails" are used a
> >lot, probably with userlands from distributions actually using xattr.
> >
> >Cheers, Felix
> >
>=20
> If we are to break it to fix a problem, maybe a sysctl to enable/disable =
then?
IMHO depends on the exact nature of the problem. If it's confirmed that
it (always and only) breaks for jailed processes, just disabling it for
them would be the better workaround. "No-op" calls won't break anything.
Cheers, Felix
--=20
Felix Palmen <zirias@FreeBSD.org> {private} felix@palmen-it.de
-- ports committer -- {web} http://palmen-it.de
{pgp public key} http://palmen-it.de/pub.txt
{pgp fingerprint} 6936 13D5 5BBF 4837 B212 3ACC 54AD E006 9879 F231
--zeqnf7mgns3c4mnu
Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iNUEABYKAH0WIQRpNhPVW79IN7ISOsxUreAGmHnyMQUCZOw4r18UgAAAAAAuAChp
c3N1ZXItZnByQG5vdGF0aW9ucy5vcGVucGdwLmZpZnRoaG9yc2VtYW4ubmV0Njkz
NjEzRDU1QkJGNDgzN0IyMTIzQUNDNTRBREUwMDY5ODc5RjIzMQAKCRBUreAGmHny
MYTGAQDcB6S61dTPBD+XCjVfiTR15y72nlAPccUBxZ0FPYCy5QEA9pGCSpEABkgK
k//b96yULmTQ4lRFIN71tLFyMwvQXA0=
=jWCP
-----END PGP SIGNATURE-----
--zeqnf7mgns3c4mnu--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?elx6cvceobzgw66fskkfhhicsdpsur5xaktluu5tk7m7p4qwno>