[Buildroot] [PATCH 1/1] iputils: set the permissions with IPUTILS_PERMISSIONS

Arnout Vandecappelle arnout at mind.be
Tue Jun 18 21:31:30 UTC 2019



On 18/06/2019 22:52, Petr Vorel wrote:
> Hi Peter,
> 
>>  >> >> Is there an easy way to detect
>>  >> >> iso9660 usage?
> 
>>  >> >  BR2_TARGET_ROOTFS_ISO9660 of course. Well, that one is special actually because
>>  >> > in case of BR2_TARGET_ROOTFS_INITRAMFS or BR2_TARGET_ROOTFS_ISO9660_INITRD, the
>>  >> > rootfs is not actually stored in the iso9660.
> 
>>  >> >  But I don't know which other filesystems lack support for xattrs.
> 
>>  >> axfs, cramfs, romfs and yaffs2 as well afaik.
>>  > Thanks a lot.
> 
>>  > I guess BR2_TARGET_ROOTFS_TAR (and other tarballs supported)
>>  > supports xattrs (--xattrs-include='*' in fs/tar/tar.mk).
> 
>>  > It'd be nice if buildroot has BR2_TARGET_ROOTFS_HAS_XATTRS.
> 
>> The problem is that you can enable several rootfs formats at the same
>> time (E.G. tar and cramfs), so we would need to only use xattrs if no
>> file system without xattrs support is enabled.

 So maybe we could add a system option BR2_SYSTEM_XATTR that enables the use of
xattr.

 Currently we have nothing using xattr, but there are quite a few packages that
could benefit from it, e.g. libpcap, and SELinux stuff.

 We could use that option to enable xattr instead of setuid where relevant, and
to disable filesystems that don't support xattr.


>> And things would break if you do a build with E.G. only tar rootfs
>> support and then afterwards enable cramfs without doing a clean
>> rebuild - Yes, I know you are not supposed to do that, but it does
>> happen.

 I don't think we need to worry about that. But actually, with the
BR2_SYSTEM_XATTR option, it would even work since it's only taken into account
during finalize.


> Thanks for detailed info. I guess in that case is setuid really the only option.

 It isn't, but the alternatives are a lot of work :-)

 Regards,
 Arnout




More information about the buildroot mailing list