On 8/13/11, Robert Connolly <rob...@linuxfromscratch.org> wrote: > Some amendments for the book: > > The mount options "acl,user_xattr", and the kernel config option > "CONFIG_SECURITY_FILE_CAPABILITIES" are mandatory. Along with acl and > security > labels for the file system of choice. This is the only way to drop suid-root > from programs. > > If new LFS boot scripts are used, then /run needs to be created, and added > as > a tmpfs to /etc/fstab. > > Aside from that, things are going well. I have a core2 machine running HLFS, > and it's running well. I'm anxious to add iptables. > > robert >
There is one thing to keep in mind when dealing with acl. Squashfs does not support acl. It would be a good thing to note that if any of the files with acl are "squashed", they will lose their acl permissions. Squash does support xattr, so if you don't use any acl (as would be needed for something like ping), then you should be fine. I am not aware of tar having any problems with acl. -- Kevin Day -- http://linuxfromscratch.org/mailman/listinfo/hlfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
