On Sun, Aug 27, 2023 at 09:55:23PM +0200, Felix Palmen wrote:
> * Dmitry Chagin <dcha...@freebsd.org> [20230827 22:46]:
> > On Sun, Aug 27, 2023 at 07:59:32PM +0200, Felix Palmen wrote:
> > > * Dmitry Chagin <dcha...@freebsd.org> [20230827 20:54]:
> > > > 1. which fs are you using?
> > >
> > > ZFS.
> > >
> > > > 2. jailed?
> > >
> > > Yes, this is during building ports with poudriere.
> > >
> >
> > I think it's a weird prohibition on changing system namespace extattr
> > attributes, look to comments in extattr_check_cred()
>
> Maybe that's when I should finally start trying to understand the stuff
> in src.git ;)
>
> > I can fix this completely disabling extattr for jailed proc,
> > however, it's gonna be bullshit, though
>
> Would probably be better than nothing. AFAIK, "Linux jails" are used a
> lot, probably with userlands from distributions actually using xattr.
>
It might make sense to allow this priv (PRIV_VFS_EXTATTR_SYSTEM) for Linux jails by default? What do you think, James?