Hi everybody Our extended attribute API is derived from FreeBSD. It uses an int as the namespace. Two namespaces are defined, system and user. For UFS1, we store system attributes in /.attribute/system et user attributes in /.attribute/user. Other namespaces are not honoured.
Linux extended attribute API uses a dot-delimited string prefix in the attribute name as the namespace (e.g.: system.foo or user.bar). That scheme let developers easily introduce any new namespace. A few namespace are widely used and enjoy special treatments for access control: system, trusted, security and user. See Linux attr(5) for the details of acess control for the four deflined Linux namespaces: http://linux.die.net/man/5/attr We have a Linux API available from <sys/xattr.h>. It stores Linux system, trusted and security namespaces as native system namespace, and anything other as native user namespace. It is available in latest HEAD and netbsd-5. If one day we want to emulate the access control semantics of Linux trusted and security namespaces, we need to introduce native namespaces for them, otherwise we cannot tell the difference between them and system namespace. Since our extended attributes have never been usable in a a NetBSD release, I sugest to do it right now, as it will not cause backward incompatibility. Doing it after a reelase where trusted and security are mapped as system would need administrator intervention to fix things. Opinions? -- Emmanuel Dreyfus [email protected]
