RFC: baseline requirements for Ubuntu rootfs: xattrs and fscaps
Kees Cook
kees at ubuntu.com
Thu Aug 2 16:41:11 UTC 2018
On Wed, Aug 01, 2018 at 05:58:56PM -0700, Steve Langasek wrote:
> - Where root filesystems are distributed as tarballs, they are not
> currently created with --xattrs; this will need to be changed.
What about initramfs? CPIO doesn't support xattr:
https://lkml.kernel.org/r/1516850875-25066-1-git-send-email-takondra@cisco.com
> - Users who are unpacking root tarballs need to take care to pass
> --xattrs-include=* to tar.
> - Users who are backing up or streaming Ubuntu root filesystems with tar or
> rsync will need to take care to pass non-default xattr-preserving options
> (tar --xattrs; rsync -X).
How about making these default-enabled? Hoping people will remember seems
fragile.
> - GNU tar's xattrs format incompatible with other unpack implementations
> (e.g. libarchive)[1]. Anyone using another unpacker will necessarily
> end up without fscaps.
Seems like these unpackers should be fixed?
-Kees
--
Kees Cook
More information about the ubuntu-devel
mailing list