See the attr(5) manual > + page and for more information > + about extended attributes. If you have extended > + attribute support enabled in the kernel configuration > + (CONFIG_EXT4_FS_XATTR), extended attribute support > + is enabled by default on mount. > +nouser_xattr Disables Extended User Attributes. > - See the acl(5) manual page and > - for more information. > - Additionally, you need to have ACL support enabled in > - the kernel configuration (CONFIG_EXT4_FS_POSIX_ACL). > - > -acl Enables POSIX Access Control Lists support. > - > -nouser_xattr Disables Extended User Attributes. See the > - attr(5) manual page and to > - learn more about extended attributes. Additionally, you > - need to have extended attribute support enabled in the > - kernel configuration (CONFIG_EXT4_FS_XATTR). > -user_xattr Enables Extended User Attributes. > - > Documentation/filesystems/ext4.txt | 25 +++++++++++- > 1 files changed, 11 insertions(+), 14 deletions(-) > diff -git a/Documentation/filesystems/ext4.txt b/Documentation/filesystems/ext4.txt > index 3ae9bc9.9544e2c 100644 > - a/Documentation/filesystems/ext4.txt > +++ b/Documentation/filesystems/ext4.txt > -209,22 +209,19 oldalloc This disables the Orlov block allocator and enables > performance - we'd like to get some feedback if it's > the contrary for you. We can not easily > deprecate mount options itself (since it is probably too early), > but we can remove it from documentation first. > Acl and user_xattr mount options are no longer needed since those > features are enabled by default if configured in (seee commit > ea6633369458992241599c9d9ebadffaeddec164). Subject: ext4: Documenatation: remove acl and user_xattr mount (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) The user namespace is intended for aritrary metadata that we can define on our own.X-Original-To: from ( )īy (Postfix) with ESMTP id 2C62BB6F18 As of today I am not aware of any application that makes use of the trusted namespace. Like with security attributes access is limited to processes with the CAP_SYS_ADMIN capability. Note that user space refers to user mode/kernel mode and does not mean the file owner can edit those attributes. The trusted namespace is similar to the security namespace except that it is intended for user space. Unlike in the security namespace marc can write here (see ). The system namespace is mainly used for ACLs like we have seen before. You may want to check getfattr -dm - /usr/bin/ping. Write access to that namespace is limited to processes with the CAP_SYS_ADMIN capability. The security namespace is used to store security related attributes like file contexts for SELinux or capabilities (check out ). The size and the amount are limited by the filesystem we use. Within each namespace we can have multiple key/value pairs. Namespaces are also known as classes as they describe the class of the attribute. The important thing here to notice is not our ACL itself (we have setfacl to decode it) but the structure we see here which is `$Įxtended attributes are divided into 4 namespaces: user, security, trust and system. System.posix_acl_access=0sAgAAAAEABgD/////AgAEAOoDAAAEAAQA/////xAABAD/////IAAEAP////8=
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |