Extended "system" attributes within jailed environment dont work
Rick Macklem
rmacklem at uoguelph.ca
Fri Jul 14 12:17:50 UTC 2017
Konstantin Belousov wrote:
>On Fri, Jul 14, 2017 at 07:28:58PM +1000, Dewayne Geraghty wrote:
[stuff snipped]
>>
>> I suppose that the crux to the question is - why should the "system"
>> namespace not be available within a jail?
>Perhaps because system namespace (can) carry attributes which modify the
>filesystem behaviour in a way which is considered inappropriate to allow
>for jailed root. This is somewhat similar to jail security.allow_chflags
>knob, but with more unfortunate consequences.
>
>I do not claim that system namespace cannot be opened to the jailed root,
>but doing so requires a review of all implemented system ext attributes,
>across all types of filesystems.
One *hackish* way to deal with this might be to have the attribute created
within the "user" namepsace with "system." prepended to it's name when within
a jail.
- That would allow SAMBA (and others) set/get attributes that they specify
as "system namespace", but the attributes wouldn't actually be in "system namespace".
Although the patch never ended up in head as yet, there was a similar issue
w.r.t. extended attribute namespace for fuse filesystems, since fuse doesn't
support the notion of a namespace.
Just a suggestion. I have no strong opinion on this, rick
More information about the freebsd-stable
mailing list