Extended attribute interfaces
Marius Bendiksen
mbendiks at eunet.no
Fri Sep 22 14:13:43 GMT 2000
> One idea that I continue to find uncomfortable is that the portable
> interface to POSIX.1e security labels would involve using EA interfaces
> -- i.e., I much prefer cap_get_file(), acl_get_file(), mac_get_file()
> because they work regardless of where the labels are actually stored
> (inode, EA, et al). This suggests that portable backup tools (tar, et al)
> should use POSIX.1e interfaces for system/kernel attributes, and that
> local tools such as dump could access the EAs directly if they choose.
As a side comment here, I would like to point out that you might also want
to present EAs with portable (e.g. textual) data. As I discussed with you
on IRC, one might offer POSIX.1e extensions _both_ through the
*_get_file() mechanism, _and_ through a set of EAs.
/system/posix1e/capabilities
/native/posix1e/capabilities
The latter not being imported upon a restore to a different system, as it
would be system specific, but the former holding a textual equivalent
which was uniform across systems. The former is, of course, generated from
the binary data on-demand, and not actually backed by disk storage.
Marius
To Unsubscribe: send mail to majordomo at cyrus.watson.org
with "unsubscribe posix1e" in the body of the message
More information about the posix1e
mailing list