From: "Anthony G. Basile" <blueness@gentoo.org>
To: gentoo-dev@lists.gentoo.org
Subject: Re: [gentoo-dev] Re: [rfc] enable USE=xattr by default
Date: Fri, 16 Oct 2015 19:42:10 -0400 [thread overview]
Message-ID: <56218B52.3020908@gentoo.org> (raw)
In-Reply-To: <20151016091411.44d4db5c@coreI5.fabnetwork>
On 10/16/15 3:14 AM, netfab wrote:
> Le 15/10/15 à 15:11, Duncan a tapoté :
>
> Is there a bug opened about this ?
> If the gentoo kernel XATTR patch is really required, it would be great
> if users who do not use a gentoo kernel were aware about this. Does
> PAX_MARKINGS="none" in make.conf (see pax-utils.eclass) is the way to
> go ? Also this problem has already been discussed on @gentoo-user ¹.
>
> 1. http://www.gossamer-threads.com/lists/gentoo/user/305478
>
I'm thinking that I should silence those warnings when we have
PAX_MARKINGS="" or PAX_MARKINGS unset in the make.conf file. Users who
want either PT or XT pax markings need to know about failures, but users
that don't care don't need to see anything.
We should make clear that pax markings are only supported on either
gentoo-sources or hardened-sources because those kernels carry the patch
which allow xattrs in the user.pax.* namespace on tmpfs. So if a users
emerges while running a gentoo-sources kernel and then boots into a
hardened-sources kernel, they'll get the correct pax markings. In fact,
you can switch back and forth between gentoo-sources and
hardened-sources all you like and the pax markings will be preserved.
But if you emerge when using a vanilla kernel or some other which
doesn't support user.pax.* on tmpfs, then you'll loose those markings.
Booting afterwards into a hardened-sources kernel will leave pkgs which
require pax markings broken.
--
Anthony G. Basile, Ph.D.
Gentoo Linux Developer [Hardened]
E-Mail : blueness@gentoo.org
GnuPG FP : 1FED FAD9 D82C 52A5 3BAB DC79 9384 FA6E F52D 4BBA
GnuPG ID : F52D4BBA
next prev parent reply other threads:[~2015-10-16 23:42 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-10-15 3:48 [gentoo-dev] [rfc] enable USE=xattr by default Mike Frysinger
2015-10-15 4:41 ` Jason Zaman
2015-10-15 8:57 ` Tobias Klausmann
2015-10-15 10:32 ` [gentoo-dev] " Duncan
2015-10-15 11:36 ` Anthony G. Basile
2015-10-15 10:56 ` [gentoo-dev] " Jason Zaman
2015-10-15 11:09 ` Alexander Tsoy
2015-10-15 12:07 ` [gentoo-dev] " Duncan
2015-10-15 11:22 ` [gentoo-dev] " Tobias Klausmann
2015-10-15 11:49 ` Rich Freeman
2015-10-15 11:24 ` Rich Freeman
2015-10-15 11:38 ` Anthony G. Basile
2015-10-15 11:47 ` Jason Zaman
2015-10-15 11:58 ` Alexander Tsoy
2015-10-15 12:02 ` Alexander Tsoy
2015-10-15 12:36 ` Rich Freeman
2015-10-15 15:11 ` [gentoo-dev] " Duncan
2015-10-16 7:14 ` netfab
2015-10-16 23:42 ` Anthony G. Basile [this message]
2015-10-16 23:49 ` Peter Stuge
2015-10-17 0:03 ` Anthony G. Basile
2015-10-17 0:15 ` Peter Stuge
2015-10-15 18:50 ` [gentoo-dev] " Mike Gilbert
2015-10-15 11:35 ` Anthony G. Basile
2015-10-15 11:30 ` Anthony G. Basile
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=56218B52.3020908@gentoo.org \
--to=blueness@gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox