[Labeled-nfs] Current development prototype patches.
Casey Schaufler
casey at schaufler-ca.com
Sat Aug 4 14:38:06 EDT 2007
--- James Morris <jmorris at namei.org> wrote:
> On Fri, 3 Aug 2007, Matthew N. Dodd wrote:
>
> > I would like to ask opinions on a less EA centric mechanism for setting
> labels
> > from userland. As we're pursuing a labeling solution that does not rely on
> > EAs for persistent storage (from the client's point of view) it becomes
> > difficult to shoehorn things so that userland tools work as expected.
Why would you do that? The xattr infrastructure works very well
for labeling. Labeling was in fact the only use to which it was
put during it's initial Unix development at SGI.
> EAs are an established API for manipulating fs labels under Linux. I
> think it's good from a userland consistency point of view to maintain EAs
> as the labeling API for NFS. The user-visible API does not necessarily
> need to match the mechanism used to transfer labels over the wire (indeed,
> NFSv4 ACLS under Linux use EAs locally but not on the wire).
I agree. EAs over NFS are not very hard. Have you seen the SGI published
xattr extension? It's not large or particularly complex, and it has
about 10 years exposure in the Unix environment.
> Perhaps I'm missing something -- can you provide an example of how you're
> having to shoehorn things ?
Again, me too. Are you worried about translation issues?
Or do you just dislike the attr(1) command as much as I do?
Casey Schaufler
casey at schaufler-ca.com
More information about the Labeled-nfs
mailing list