[Buildroot] [PATCH 1/1] iputils: set the permissions with IPUTILS_PERMISSIONS
Arnout Vandecappelle
arnout at mind.be
Wed Jun 19 06:50:34 UTC 2019
On 19/06/2019 07:01, Petr Vorel wrote:
> Hi Arnout,
>
>>>> > It'd be nice if buildroot has BR2_TARGET_ROOTFS_HAS_XATTRS.
>
>>>> The problem is that you can enable several rootfs formats at the same
>>>> time (E.G. tar and cramfs), so we would need to only use xattrs if no
>>>> file system without xattrs support is enabled.
>
>> So maybe we could add a system option BR2_SYSTEM_XATTR that enables the use of
>> xattr.
> +1
>
>> Currently we have nothing using xattr, but there are quite a few packages that
>> could benefit from it, e.g. libpcap, and SELinux stuff.
> And IMA+EVM kernel features.
>
>> We could use that option to enable xattr instead of setuid where relevant, and
>> to disable filesystems that don't support xattr.
>
>
>>>> And things would break if you do a build with E.G. only tar rootfs
>>>> support and then afterwards enable cramfs without doing a clean
>>>> rebuild - Yes, I know you are not supposed to do that, but it does
>>>> happen.
>
>> I don't think we need to worry about that. But actually, with the
>> BR2_SYSTEM_XATTR option, it would even work since it's only taken into account
>> during finalize.
>
>
>>> Thanks for detailed info. I guess in that case is setuid really the only option.
>
>> It isn't, but the alternatives are a lot of work :-)
> :-). Do you plan to work on it? If not, I might do in next few weeks (I'm quite
> busy during summer).
I don't do any work myself, I just occasionally apply patches :-) And I think
for Peter it's pretty much the same thing.
Regards,
Arnout
More information about the buildroot
mailing list