On Sat, Oct 24, 2015 at 11:22:55AM -0400, Brian Foster wrote: > On Sat, Oct 24, 2015 at 03:58:04PM +0200, Andreas Gruenbacher wrote: > > On Sat, Oct 24, 2015 at 2:57 PM, Brian Foster <bfoster@xxxxxxxxxx> wrote: > > > An alternative could be to just disallow setting these xattrs directly. > > > > Probably not because that would cause applications to fail in > > unexpected new ways. > > > > I suppose a backup/restore application might want to set these, but I'm > not aware of any other sane usage given they're in a filesystem specific > format at this point. We'd probably have to take a look at xfsdump, see > how it handles this, then see if there's a clean way to run through > necessary acl bits if we're called via setxattr(). xfsrestore restores all the xattrs via setxattr(). It does not care what they contain, it just restores them with the appropriate namespace flags (ATTR_ROOT, ATTR_SECURE or 0) that they had when read by xfsdump. So we cannot disable this functionality without breaking dump/restore. Really, I'm struggling to understand what the problem is with XFS doing translation to it's own special xattr names for ACLs underneath the posix layer. Yes, there's a caching issue when someone directly manipulates the underlying xattr, but you need root to shoot yourself in the foot that way, and that is easily solveable. What other problems are there? Cheers, Dave. -- Dave Chinner david@xxxxxxxxxxxxx _______________________________________________ xfs mailing list xfs@xxxxxxxxxxx http://oss.sgi.com/mailman/listinfo/xfs
