On Tue, 7 Feb 2006, Bill Nottingham wrote: > The way xattrs appear to work on tmpfs is that the VFS tries the getxattr > op of tmpfs (which fails, as it doesn't exist), and then does an end-run > around in the selinux code to get an attribute, as long as you're only > looking for the security xattr. What it's doing is checking if the fs can supply a security xattr, and if not, allows the kernel to supply one. > This means that anything on tmpfs can have a xattr retrieved from userspace > just fine with getxattr(2), but if you try and get it in the kernel via > 'normal' means (such as the inode's getxattr method), it will fail. This > breaks tmpfs as part of a unionfs branch pretty badly. > > Why was xattrs-on-tmpfs done this way? It seems somewhat hackish. So xattrs do not have to be implemented for every type of psudo fs. What is the upstream status of unionfs? > I could theoretically patch unionfs to call the vfs method, but... ew. -- James Morris <jmorris@xxxxxxxxx> -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
