> On Nov 3, 2019, at 10:01 PM, bfields@xxxxxxxxxxxx wrote: > > On Fri, Oct 25, 2019 at 03:55:09PM -0400, Chuck Lever wrote: >>> On Oct 24, 2019, at 7:15 PM, Frank van der Linden <fllinden@xxxxxxxxxx> wrote: >>> I think both of these are cases of being careful. E.g. don't enable >>> something by default and allow it to be disabled at runtime in >>> case something goes terribly wrong. >>> >>> I didn't have any other reasons, really. I'm happy do to away with >>> the CONFIG options if that's the consensus, as well as the >>> nouser_xattr export option. >> >> I have similar patches adding support for access to a couple of >> security xattrs. I initially wrapped the new code with CONFIG >> but after some discussion it was decided there was really no >> need to be so cautious. >> >> The user_xattr export option is a separate matter, but again, >> if we don't know of a use case for it, I would leave it out for >> the moment. > > Agreed. > > Do ext4, xfs, etc. have an option to turn off xattrs? If so, maybe it > would be good enough to turn off xattrs on the exported filesystem > rather than on the export. Following the server's local file systems' mount options seems like a good way to go. In particular, is there a need to expose user xattrs on the server host, but prevent NFS clients' access to them? I can't think of one. > If not, maybe that's a sign that hasn't been a need. > > --b. -- Chuck Lever chucklever@xxxxxxxxx
