On Thu, Oct 15, 2015 at 8:36 AM, Rich Freeman wrote:
> On Thu, Oct 15, 2015 at 7:58 AM, Alexander Tsoy wrote:
>>
>> I was wrong. This patch was not merged upstream. It is still needed and
>> included in latest genpatches for 4.2:
>>
>> $ tar tf genpatches-4.2-6.base.tar.xz | grep XATTR
>> ./1500_
On Thu, Oct 15, 2015 at 7:58 AM, Alexander Tsoy wrote:
>
> I was wrong. This patch was not merged upstream. It is still needed and
> included in latest genpatches for 4.2:
>
> $ tar tf genpatches-4.2-6.base.tar.xz | grep XATTR
> ./1500_XATTR_USER_PREFIX.patch
I suspect what we all have in common
On Thu, 15 Oct 2015 14:58:01 +0300
Alexander Tsoy wrote:
> On Thu, 15 Oct 2015 19:47:59 +0800
> Jason Zaman wrote:
>
> > On Thu, Oct 15, 2015 at 07:38:43AM -0400, Anthony G. Basile wrote:
> > > On 10/15/15 7:24 AM, Rich Freeman wrote:
> > > > On Thu, Oct 15, 2015 at 6:56 AM, Jason Zaman
> > > >
On Thu, 15 Oct 2015 19:47:59 +0800
Jason Zaman wrote:
> On Thu, Oct 15, 2015 at 07:38:43AM -0400, Anthony G. Basile wrote:
> > On 10/15/15 7:24 AM, Rich Freeman wrote:
> > > On Thu, Oct 15, 2015 at 6:56 AM, Jason Zaman
> > > wrote:
> > >> Can you try this:
> > >>
> > >> # getfattr -d -m- /bin/pi
On Thu, Oct 15, 2015 at 7:22 AM, Tobias Klausmann wrote:
>
> So it's not a BTRFS problem, but one of tmpfs. So I wondered if I
> maybe had missed to activate xattr suport for tmpfs, but no:
>
> # zgrep -i tmpfs /proc/config.gz
> CONFIG_DEVTMPFS=y
> CONFIG_DEVTMPFS_MOUNT=y
> CONFIG_TMPFS=y
> CONFIG
On Thu, Oct 15, 2015 at 07:38:43AM -0400, Anthony G. Basile wrote:
> On 10/15/15 7:24 AM, Rich Freeman wrote:
> > On Thu, Oct 15, 2015 at 6:56 AM, Jason Zaman wrote:
> >> Can you try this:
> >>
> >> # getfattr -d -m- /bin/ping
> >> security.capability=0sAQAAAgAgAAA=
> >> # setfattr
On 10/15/15 7:24 AM, Rich Freeman wrote:
On Thu, Oct 15, 2015 at 6:56 AM, Jason Zaman wrote:
Can you try this:
# getfattr -d -m- /bin/ping
security.capability=0sAQAAAgAgAAA=
# setfattr -n user.test -v "foo" ./ping
# setfattr -n user.pax.flags -v "me" ./ping
# getfattr -d -m- /b
On 10/15/15 4:57 AM, Tobias Klausmann wrote:
Hi!
On Wed, 14 Oct 2015, Mike Frysinger wrote:
anyone opposed to flipping this flag on by default ?
reference:
https://bugs.gentoo.org/506198
https://bugs.gentoo.org/556408
No objection, but a bit of a datapoint. I use btrfs on one of my
machines,
On 10/14/15 11:48 PM, Mike Frysinger wrote:
USE=xattr is needed nowadays to support:
- filesystem caps (those things that let you drop set*id and generally
improves system security w/little to no runtime overhead)
- PaX file markings (replaces binutils ELF markings)
- selinux
we actually have
On Thu, Oct 15, 2015 at 6:56 AM, Jason Zaman wrote:
>
> Can you try this:
>
> # getfattr -d -m- /bin/ping
> security.capability=0sAQAAAgAgAAA=
> # setfattr -n user.test -v "foo" ./ping
> # setfattr -n user.pax.flags -v "me" ./ping
> # getfattr -d -m- /bin/ping
> security.capability
Hi!
On Thu, 15 Oct 2015, Jason Zaman wrote:
> Can you try this:
>
> # getfattr -d -m- /bin/ping
> security.capability=0sAQAAAgAgAAA=
> # setfattr -n user.test -v "foo" ./ping
> # setfattr -n user.pax.flags -v "me" ./ping
> # getfattr -d -m- /bin/ping
> security.capability=0sAQAAA
On Thu, 15 Oct 2015 18:56:28 +0800
Jason Zaman wrote:
> On Thu, Oct 15, 2015 at 10:57:45AM +0200, Tobias Klausmann wrote:
> > Hi!
> >
> > On Wed, 14 Oct 2015, Mike Frysinger wrote:
> > > anyone opposed to flipping this flag on by default ?
> > >
> > > reference:
> > > https://bugs.gentoo.org/5
On Thu, Oct 15, 2015 at 10:57:45AM +0200, Tobias Klausmann wrote:
> Hi!
>
> On Wed, 14 Oct 2015, Mike Frysinger wrote:
> > anyone opposed to flipping this flag on by default ?
> >
> > reference:
> > https://bugs.gentoo.org/506198
> > https://bugs.gentoo.org/556408
>
> No objection, but a bit of
Hi!
On Wed, 14 Oct 2015, Mike Frysinger wrote:
> anyone opposed to flipping this flag on by default ?
>
> reference:
> https://bugs.gentoo.org/506198
> https://bugs.gentoo.org/556408
No objection, but a bit of a datapoint. I use btrfs on one of my
machines, and that filesystem (apparently) does
On Wed, Oct 14, 2015 at 11:48:07PM -0400, Mike Frysinger wrote:
> USE=xattr is needed nowadays to support:
> - filesystem caps (those things that let you drop set*id and generally
> improves system security w/little to no runtime overhead)
> - PaX file markings (replaces binutils ELF markings)
>
USE=xattr is needed nowadays to support:
- filesystem caps (those things that let you drop set*id and generally
improves system security w/little to no runtime overhead)
- PaX file markings (replaces binutils ELF markings)
- selinux
we actually have USE=filecaps on by default already, and cataly
16 matches
Mail list logo