Stefan Berger wrote:
The security.evm extended attribute is fully owned by the Linux kernel and cannot be directly written from userspace. Therefore, we can always skip it.
--- (see below "...")...
Please put this on a switch or option. The security.evm field seems only special on Mandatory Access systems (from https://lwn.net/Articles/449719/), and seems like it should be copyable by root on non-Mandatory Access systems. At the very least, a "dd" from one file system to another, would copy it, so the security doesn't rely on it being copied WITH the rest of its attrs, but with the field being a check on those fields not being modified. .... Reading further, a better solution might be to provide a list of extended attributes to ***exclude*** from copying, making your patch "general case", as well as an option to ONLY copy a list of xattrs, that match an expression or list. I'm against hardcoding specific cases into rsync, as they won't apply to all systems rsync runs on as well as hard-coding current trends in integrity-measurement (which may be subject to change). -- Please use reply-all for most replies to avoid omitting the mailing list. To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html