RFC: baseline requirements for Ubuntu rootfs: xattrs and fscaps

Steve Langasek steve.langasek at ubuntu.com
Thu Aug 2 18:21:28 UTC 2018 

On Thu, Aug 02, 2018 at 09:41:11AM -0700, Kees Cook wrote:
> On Wed, Aug 01, 2018 at 05:58:56PM -0700, Steve Langasek wrote:
> >  - Where root filesystems are distributed as tarballs, they are not
> >    currently created with --xattrs; this will need to be changed.

> What about initramfs? CPIO doesn't support xattr:
> https://lkml.kernel.org/r/1516850875-25066-1-git-send-email-takondra@cisco.com

This seems like it would only be relevant for IMA, not for fscaps (since
everything in the initramfs runs as uid 0).  Is that fair to say?

Since lack of xattrs in cpio is a known limitation, and files don't end up
in an initrd without specific action by a package (which would be the same
in Debian and Ubuntu), I think this is severable from the question of
requiring xattr-preserving handling of an Ubuntu root filesystem.

> >  - Users who are unpacking root tarballs need to take care to pass
> >    --xattrs-include=* to tar.
> >  - Users who are backing up or streaming Ubuntu root filesystems with tar or
> >    rsync will need to take care to pass non-default xattr-preserving options
> >    (tar --xattrs; rsync -X).

> How about making these default-enabled? Hoping people will remember seems
> fragile.

I think that's appropriate to pursue with the upstream, but that we should
still socialize the recommendation to use the options explicitly for
portability.

> >  - GNU tar's xattrs format incompatible with other unpack implementations
> >    (e.g. libarchive)[1].  Anyone using another unpacker will necessarily
> >    end up without fscaps.

> Seems like these unpackers should be fixed?

Actually it looks like this might have already been done.
https://github.com/libarchive/libarchive/pull/691

However, this code has only landed in libarchive 3.3.0; Ubuntu 18.04 has
libarchive 3.2.2 (as does cosmic).  I would consider a cherry-pick of this
appropriate for an SRU, if some Ubuntu developer thought it important enough
to do the work.

-- 
Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
Ubuntu Developer                                   https://www.debian.org/
slangasek at ubuntu.com                                     vorlon at debian.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-devel/attachments/20180802/5f612256/attachment.sig>

More information about the ubuntu-devel mailing list