Hi, Patrice Duroux wrote: > On the other hand, after modifying /etc/xattr.conf to replace: > system.nfs4_acl permissions > by: > system.nfs4_acl skip > then test.sh works nicely:
So we now know how to prevent the immediate problem. Does "system.nfs4_acl" show up in getfattr -d test.sh ? > Is there a risk to leave /etc/xattr.conf like this? Given our test results with "system.nfs4_acl" and your success with the changed configuration, i'd say it is mostly beneficial. You could of course try to remove this hard-to-digest attribute from the file: setfattr -x system.nfs4_acl test.sh > If I am right, this file is provided by libattr1 package and its > content is from upstream: > https://git.savannah.nongnu.org/cgit/attr.git/tree/xattr.conf I probably misinterpreted the comment in coreutils copy.c. SELinux and xattr.conf are not associated but only handled together in that piece of code. There remains the question how your file got this attribute. Was it created when the filesystem was exported via NFS ? In the web i find references to a command nfs4_setfacl. Debian has it in package nfs4-acl-tools: https://tracker.debian.org/pkg/nfs4-acl-tools Not very active but present from "old-old-stable" to Sid. Maybe it is the right package to learn more about the attribute of your file. Maybe it is even the origin of its existence. Have a nice day :) Thomas
