[Buildroot] [PATCH 15/15] docs/manual: add a section about SELinux
Matthew Weber
matthew.weber at collins.com
Fri Jul 31 13:19:08 UTC 2020
Thomas,
On Fri, Jul 31, 2020 at 8:16 AM Thomas Petazzoni
<thomas.petazzoni at bootlin.com> wrote:
>
> On Fri, 31 Jul 2020 14:52:14 +0200
> Antoine Tenart <antoine.tenart at bootlin.com> wrote:
>
> > > Unsure how to tie this into the documentation as the user won't have
> > > to enable more then the filesystem xattrs. Maybe xattrs would make
> > > sense to globally turn on as well?
> >
> > That should be possible, I don't know to what extend do we want to fix
> > the kernel configuration. As other SELinux Kconfig options are already
> > turned on by libselinux, I'd say that could make sense.
>
> The problem with xattr is that it is typically a per-filesystem option:
>
> ./fs/jffs2/Kconfig:config JFFS2_FS_XATTR
> ./fs/cifs/Kconfig:config CIFS_XATTR
> ./fs/f2fs/Kconfig:config F2FS_FS_XATTR
> ./fs/Kconfig:config TMPFS_XATTR
> ./fs/reiserfs/Kconfig:config REISERFS_FS_XATTR
> ./fs/erofs/Kconfig:config EROFS_FS_XATTR
> ./fs/ext2/Kconfig:config EXT2_FS_XATTR
> ./fs/squashfs/Kconfig:config SQUASHFS_XATTR
> ./fs/ubifs/Kconfig:config UBIFS_FS_XATTR
>
> Which one do we enable ? All of them, and if the corresponding
> filesystem is not enabled, the option will be re-disabled ? That's a
> possible option, I'm not sure it's really nice but it should work.
>
Agree. not ideal. But it does create a bug, (funny timing) we
actually just had a review come through internally where the developer
missed enabling JFFS2_FS_XATTR and it resulted in some unnecessary
churn.
Matt
More information about the buildroot
mailing list