On Thu, Oct 15, 2015 at 07:38:43AM -0400, Anthony G. Basile wrote: > On 10/15/15 7:24 AM, Rich Freeman wrote: > > On Thu, Oct 15, 2015 at 6:56 AM, Jason Zaman <perfin...@gentoo.org> wrote: > >> Can you try this: > >> > >> # getfattr -d -m- /bin/ping > >> security.capability=0sAQAAAgAgAAAAAAAAAAAAAAAAAAA= > >> # setfattr -n user.test -v "foo" ./ping > >> # setfattr -n user.pax.flags -v "me" ./ping > >> # getfattr -d -m- /bin/ping > >> security.capability=0sAQAAAgAgAAAAAAAAAAAAAAAAAAA= > >> user.pax.flags="me" > >> user.test="foo" > >> > >> If this works then something else is causing those messages and we > >> should look into it further. > > This behaves exactly as described above for me on btrfs, but I still > > do get all the error messages whenever I install stuff. > > > > I assume the extra attributes are harmless and will get removed the > > next time I update ping? > > > okay its good to know that that this does work. something might be > misconfigured on tobias's box. > > let me know any problems with XATTR_PAX markings because that's going to > become the default soon and in the near future the only option once we > drop the PT_PAX patch from binutils.
I seem to recall something about PaX enabling user.* xattrs on tmpfs and mainline kernel supports only security.* on tmpfs. Could that be the cause? If that is the case then what do we do about everyone that is using gentoo-sources? It probably doesnt matter so just silencing the errors is probably enough. -- Jason > > -- > Anthony G. Basile, Ph.D. > Gentoo Linux Developer [Hardened] > E-Mail : bluen...@gentoo.org > GnuPG FP : 1FED FAD9 D82C 52A5 3BAB DC79 9384 FA6E F52D 4BBA > GnuPG ID : F52D4BBA > >
