[Buildroot] [PATCH 15/15] docs/manual: add a section about SELinux

Antoine Tenart antoine.tenart at bootlin.com
Fri Jul 31 13:22:40 UTC 2020


Hi Thomas,

Quoting Thomas Petazzoni (2020-07-31 15:15:57)
> On Fri, 31 Jul 2020 14:52:14 +0200
> Antoine Tenart <antoine.tenart at bootlin.com> wrote:
> 
> > > Unsure how to tie this into the documentation as the user won't have
> > > to enable more then the filesystem xattrs.  Maybe xattrs would make
> > > sense to globally turn on as well?  
> > 
> > That should be possible, I don't know to what extend do we want to fix
> > the kernel configuration. As other SELinux Kconfig options are already
> > turned on by libselinux, I'd say that could make sense.
> 
> The problem with xattr is that it is typically a per-filesystem option:
> 
> ./fs/jffs2/Kconfig:config JFFS2_FS_XATTR
> ./fs/cifs/Kconfig:config CIFS_XATTR
> ./fs/f2fs/Kconfig:config F2FS_FS_XATTR
> ./fs/Kconfig:config TMPFS_XATTR
> ./fs/reiserfs/Kconfig:config REISERFS_FS_XATTR
> ./fs/erofs/Kconfig:config EROFS_FS_XATTR
> ./fs/ext2/Kconfig:config EXT2_FS_XATTR
> ./fs/squashfs/Kconfig:config SQUASHFS_XATTR
> ./fs/ubifs/Kconfig:config UBIFS_FS_XATTR
> 
> Which one do we enable ? All of them, and if the corresponding
> filesystem is not enabled, the option will be re-disabled ? That's a
> possible option, I'm not sure it's really nice but it should work.

If we do enable xattr support, that's what I had in mind. I agree it's
not a perfect solution.

Thanks!
Antoine

-- 
Antoine Ténart, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com



More information about the buildroot mailing list