On 05/30/2013 11:45 AM, Magnus Granberg wrote:
torsdag 30 maj 2013 11.13.45 skrev Anthony G. Basile:
migrate-pax also will copy PT_PAX to XATTR_PAX flags identically with
one exception, if PT_PAX = "-e---" then no user.pax.flags xattr is
created. I am always thinking in terms of either PAX_PT_PAX_FLAGS xor
PAX_XATTR_PAX_FLAGS is on, not both. When both are on, we fall back on
what you describe. So I adopted the approach: don't copy "-e---" to
XATTR_PAX and when you reboot into a PAX_PT_PAX_FLAGS=n and
PAX_XATTR_PAX_FLAGS=y kernel, you'll get the desired behavior.
A good approach or no?
To use xattr pax flags PAX_MARKINGS need to be set to XT in make.conf
else will portage default to PT when marking.
Thanks Mangus for reminding us. We had to set the default portage
behaviour to just doing PT_PAX markings because there were two
remanining issues: 1) making sure that even gentoo-sources would
preserve user.pax.flags on tmpfs and 2) fixing the default behavior of
install which currently does not preserve xattrs.
The former is solved. This was needed for people who switch back and
forth between gentoo-sources and hardened-sources (there are a few, even
I do sometimes). We don't want to loose XATTR_PAX flags when emerging
with gentoo-sources.
The latter is going to bump up against GNU standards. But I have a plan :)
Python need EMUTRAMP enable in the kernel with newer libffi and python
and have the E mark on the binary.
/Magnus
This is now on by default so a user has to deliberally turn off EMUTRAMP
rather than vice versa.
--
Anthony G. Basile, Ph. D.
Chair of Information Technology
D'Youville College
Buffalo, NY 14201
(716) 829-8197
