[Buildroot] [PATCH 1/1] iputils: set the permissions with IPUTILS_PERMISSIONS

[Arnout Vandecappelle]

On 19/06/2019 07:01, Petr Vorel wrote:
> Hi Arnout,
> 
>>>>  > It'd be nice if buildroot has BR2_TARGET_ROOTFS_HAS_XATTRS.
> 
>>>> The problem is that you can enable several rootfs formats at the same
>>>> time (E.G. tar and cramfs), so we would need to only use xattrs if no
>>>> file system without xattrs support is enabled.
> 
>>  So maybe we could add a system option BR2_SYSTEM_XATTR that enables the use of
>> xattr.
> +1
> 
>>  Currently we have nothing using xattr, but there are quite a few packages that
>> could benefit from it, e.g. libpcap, and SELinux stuff.
> And IMA+EVM kernel features.
> 
>>  We could use that option to enable xattr instead of setuid where relevant, and
>> to disable filesystems that don't support xattr.
> 
> 
>>>> And things would break if you do a build with E.G. only tar rootfs
>>>> support and then afterwards enable cramfs without doing a clean
>>>> rebuild - Yes, I know you are not supposed to do that, but it does
>>>> happen.
> 
>>  I don't think we need to worry about that. But actually, with the
>> BR2_SYSTEM_XATTR option, it would even work since it's only taken into account
>> during finalize.
> 
> 
>>> Thanks for detailed info. I guess in that case is setuid really the only option.
> 
>>  It isn't, but the alternatives are a lot of work :-)
> :-). Do you plan to work on it? If not, I might do in next few weeks (I'm quite
> busy during summer).

 I don't do any work myself, I just occasionally apply patches :-) And I think
for Peter it's pretty much the same thing.

 Regards,
 Arnout