From: Yann E. MORIN <yann.morin.1998@free.fr>
To: buildroot@busybox.net
Subject: [Buildroot] [PATCH 0/3] fs: fix and better handle capabilities
Date: Sat, 27 Oct 2018 09:45:56 +0200 [thread overview]
Message-ID: <cover.1540626349.git.yann.morin.1998@free.fr> (raw)
Hello All!
As reported by Ricardo in #11216, and recently noticed thanks to the
runtime tests he added, handling file capabilities is broken.
Ricardo did a very good job at pinpointing the issue, and that is caused
by the recent-ish split of the filesystem infra with the use of the
intermediate tarball.
It turns out that playing with fakeroot, tar, and capabilities is a lost
game, as fakeroot behaves badly with the special handling tar does with
the security.capability extended attribute.
To fix that, we postpone handling of capabilities later, down into each
filesystem commands, right after extracting the intermediate tarball.
Discussion about this at the developers days lead to the suggestion
that, maybe, we should in fact not use an intermediate tarball, and
instead have each filesystem duplicate the currently common actions.
This is a bigger endeavour, and one that needs more thinking into.
In the meantime, this patchset is a pragmatic approach to solve the
problem.
Regards,
Yann E. MORIN.
The following changes since commit cbf62fc5692cc04a2f721260d5e7f8a2558b4bb1
mysql: properly order "depends on" vs. bool (2018-10-26 21:28:31 +0200)
are available in the git repository at:
git://git.buildroot.org/~ymorin/git/buildroot.git
for you to fetch changes up to 99d38f609529976ec574c3a05b6665cf3dd0669d
fs: fix condition to create static devices (2018-10-27 09:43:55 +0200)
----------------------------------------------------------------
Yann E. MORIN (3):
fs: apply permissions late
fs: be oblivious of pre-existing xattrs
fs: fix condition to create static devices
fs/common.mk | 24 ++++++++++++++++--------
1 file changed, 16 insertions(+), 8 deletions(-)
--
.-----------------.--------------------.------------------.--------------------.
| Yann E. MORIN | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software Designer | \ / CAMPAIGN | ___ |
| +33 223 225 172 `------------.-------: X AGAINST | \e/ There is no |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL | v conspiracy. |
'------------------------------^-------^------------------^--------------------'
next reply other threads:[~2018-10-27 7:45 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-10-27 7:45 Yann E. MORIN [this message]
2018-10-27 7:45 ` [Buildroot] [PATCH 1/3] fs: apply permissions late Yann E. MORIN
2018-10-27 13:14 ` Matthew Weber
2018-10-30 20:23 ` Yann E. MORIN
2018-10-31 1:18 ` Matthew Weber
2018-10-31 21:49 ` Yann E. MORIN
2018-11-02 20:29 ` Matthew Weber
2018-11-03 13:38 ` Thomas Petazzoni
2018-11-10 17:17 ` Yann E. MORIN
2018-11-07 23:43 ` Arnout Vandecappelle
2018-11-09 20:13 ` Arnout Vandecappelle
2018-11-10 17:08 ` Yann E. MORIN
2018-11-10 17:57 ` Yann E. MORIN
2018-11-11 16:02 ` Arnout Vandecappelle
2018-11-11 16:44 ` Yann E. MORIN
2018-11-11 20:03 ` Peter Korsgaard
2018-11-11 20:02 ` Peter Korsgaard
2018-11-12 8:17 ` Yann E. MORIN
2018-11-08 22:58 ` Peter Korsgaard
2018-11-09 8:55 ` Peter Korsgaard
2018-11-10 17:07 ` Yann E. MORIN
2018-10-27 7:45 ` [Buildroot] [PATCH 2/3] fs: be oblivious of pre-existing xattrs Yann E. MORIN
2018-11-02 20:31 ` Matthew Weber
2018-10-27 7:46 ` [Buildroot] [PATCH 3/3] fs: fix condition to create static devices Yann E. MORIN
2018-11-02 20:34 ` Matthew Weber
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1540626349.git.yann.morin.1998@free.fr \
--to=yann.morin.1998@free.fr \
--cc=buildroot@busybox.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox