On Mon, 22 May 2017, Geoffrey Thomas wrote:
Can you enable CONFIG_AUFS_XATTR in config.mk for aufs? This allows aufs to
support file capabilities (getcap/setcap) in aufs filesystems. Support has
existed in aufs since early 2015 but the flag is off by default.
The lack of this option is a problem for Docker users:
https://github.com/moby/moby/issues/5650
https://stackoverflow.com/questions/44117543/getcap-setcap-not-working-in-docker-container-with-debian-stretch-host
I've tested that setting `CONFIG_AUFS_XATTR = y` in config.mk, and rebuilding
the DKMS module, causes running getcap inside Docker to start working.
If it's possible to get this enabled for Stretch (either in the release or
via stretch-backports), that would be very helpful -- it looks like the
config option only enables setxattr etc. to be used on aufs inodes, so the
risk of regressions is pretty low.
Hi maintainers,
Now that the freeze is over, can we get this change in buster and
stretch-backports? Let me know if there's something I can do to help,
e.g., test packages with this change in.
Thanks!
--
Geoffrey Thomas
https://ldpreload.com
geo...@ldpreload.com
