Removed extended attributes code from website as now in source tree
Robert Watson
rwatson at FreeBSD.org
Thu Apr 20 13:57:25 GMT 2000
As the extended attribute code from the web site, as it's now part of the
base distribution. Since my first commit, I've introduced a number of
minor features and bugfixes:

o Modified attribute file header to include a magic number, and file
  version information. Prompted in particular by the next change.

o Added inode generation number to the per-attribute-entry header so
  as to sanity check attribute retrievals. If the generation number
  in the header doesn't match that of the inode being used to retrieve
  the attribute, coerce the situation to the attribute being "undefined"
  and print an error on the console. This can only happen if: 1) file
  system is corrupted/whatever, 2) attributes and file system are out
  of synch due to extended running without the attribute enabled, or 3)
  the attribute file was not intended for use with this file system.
  To be honest, this isn't ideal either. :-)

o extattrctl now allows the setting of rights on the attribute via the
  command line, rather than a compiled define. Levels for read and
  write are: kernel, root, owner, anyone. This is for the purposes of
  the in-band API modifications of attributes, and doesn't affect
  whether or not the backing file can be directly modified. This is
  an important thing from the perspective of configuring a production
  system, and will be documented further.

o I'm about to commit a "-p" argument which causes extattrctl to
  preallocate space for the attributes rather than using a sparse file.
  This can prevent a DoS on attribute writing if the file system is
  full, but can also consume a lot of space (worst-case for variable
  length attribute values). However, a useful flag if one is thinking
  of MAC labels, et al :-).

Man pages have not been updated to reflect a few of these changes, but
will be shortly.

Per Ilmar's comments on the in-kernel VOP interface, I will most likely
provide some vn_*() functions to simplify coding. It should be observed
that doing so pushes the kernel call stack a little deeper, which is
something to watch out for (I observed a problem with using printf buried
deep within FFS a little while ago, so we may need to increase UPAGES).
I'll post the easier wrapper function API in a couple of days, and commit
shortly thereafter if there are no objections. I recognize that such a
set of wrapper functions would simplify coding of activities using
attributes, as well as combine a lot of identical code.

I've been hacking some more on capabilities and hope to post an update in
a couple of days. It's raised some questions about auditing and reporting
the use of privilege, and I'll probably send out an email with regards to
these considerations in a couple of days also.

Thanks,
Robert N M Watson
robert at fledge.watson.org http://www.watson.org/~robert/
PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1
TIS Labs at Network Associates, Safeport Network Services
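
The header magic/version check and the inode generation check described in the message above, as an added user-space sketch (not code from the message or from the FreeBSD source tree). The struct layout, all names, and the magic value are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Hypothetical layout and names for this example; the magic value is constructed. */
#define EA_MAGIC   0x45415454u
#define EA_VERSION 1u
#define EA_VALSIZE 8u
#define EA_NINODES 16u
#define EA_DEFINED 0x1u
enum { EA_OK, EA_UNDEFINED, EA_BADFILE };
struct ea_entry { uint32_t flags, len, i_gen; uint8_t val[EA_VALSIZE]; };
/* Stand-in for the backing file: file header fields, then one entry per inode. */
struct ea_file { uint32_t magic, version; struct ea_entry slot[EA_NINODES]; };

void ea_init(struct ea_file *f) {
    memset(f, 0, sizeof *f);
    f->magic = EA_MAGIC; f->version = EA_VERSION;
}

/* Store a value and record the inode's current generation number beside it. */
int ea_set(struct ea_file *f, uint32_t ino, uint32_t gen, const void *val, uint32_t len) {
    if (ino >= EA_NINODES || len > EA_VALSIZE) return EA_BADFILE;
    struct ea_entry *e = &f->slot[ino];
    e->flags = EA_DEFINED; e->len = len; e->i_gen = gen;
    memcpy(e->val, val, len);
    return EA_OK;
}

/* Return the value only if the file header and the inode generation match. */
int ea_get(const struct ea_file *f, uint32_t ino, uint32_t gen, void *out, uint32_t *len) {
    if (f->magic != EA_MAGIC || f->version != EA_VERSION) return EA_BADFILE;
    if (ino >= EA_NINODES) return EA_UNDEFINED;
    const struct ea_entry *e = &f->slot[ino];
    if (!(e->flags & EA_DEFINED)) return EA_UNDEFINED;
    if (e->len > EA_VALSIZE) return EA_BADFILE;   /* corrupted length field */
    if (e->i_gen != gen) {  /* stale: written for an earlier user of this inode */
        fprintf(stderr, "ea: generation mismatch on inode %u\n", (unsigned)ino);
        return EA_UNDEFINED;
    }
    memcpy(out, e->val, e->len);
    *len = e->len;
    return EA_OK;
}

int main(void) {
    struct ea_file f; uint8_t buf[EA_VALSIZE]; uint32_t n = 0;
    ea_init(&f); ea_set(&f, 5, 100, "label", 5);   /* inode 5, generation 100 */
    return ea_get(&f, 5, 101, buf, &n) == EA_UNDEFINED ? 0 : 1;  /* reused inode */
}
```

Without the generation field, the second lookup would hand the old value to whatever file now occupies inode 5, which matters once attributes carry security labels.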