unionfs, tmpfs, and xattrs
James Morris
jmorris at namei.org
Tue Feb 7 23:26:02 UTC 2006
On Tue, 7 Feb 2006, Bill Nottingham wrote:
> The way xattrs appear to work on tmpfs is that the VFS tries the getxattr
> op of tmpfs (which fails, as it doesn't exist), and then does an end-run
> around in the selinux code to get an attribute, as long as you're only
> looking for the security xattr.
What it's doing is checking if the fs can supply a security xattr, and if
not, allows the kernel to supply one.
> This means that anything on tmpfs can have a xattr retrieved from userspace
> just fine with getxattr(2), but if you try and get it in the kernel via
> 'normal' means (such as the inode's getxattr method), it will fail. This
> breaks tmpfs as part of a unionfs branch pretty badly.
>
> Why was xattrs-on-tmpfs done this way? It seems somewhat hackish.
So xattrs do not have to be implemented for every type of psudo fs.
What is the upstream status of unionfs?
> I could theoretically patch unionfs to call the vfs method, but... ew.
--
James Morris
<jmorris at namei.org>
More information about the fedora-selinux-list
mailing list