diff options
| author | rwatson <rwatson@FreeBSD.org> | 2000-04-15 03:34:27 +0000 |
|---|---|---|
| committer | rwatson <rwatson@FreeBSD.org> | 2000-04-15 03:34:27 +0000 |
| commit | a0dd5ab0fdc3b34857eb18eae8dae879d1e5b8cf (patch) | |
| tree | 4c1ff739a8025b89f8c9ed37caf68cd1a78eaedd /sys/conf | |
| parent | e7f9f3a94cc8b0fedca28cad6fd0d3a6c248d6d8 (diff) | |
| download | FreeBSD-src-a0dd5ab0fdc3b34857eb18eae8dae879d1e5b8cf.zip FreeBSD-src-a0dd5ab0fdc3b34857eb18eae8dae879d1e5b8cf.tar.gz | |
Introduce extended attribute support for FFS, allowing arbitrary
(name, value) pairs to be associated with inodes. This support is
used for ACLs, MAC labels, and Capabilities in the TrustedBSD
security extensions, which are currently under development.
In this implementation, attributes are backed to data vnodes in the
style of the quota support in FFS. Support for FFS extended
attributes may be enabled using the FFS_EXTATTR kernel option
(disabled by default). Userland utilities and man pages will be
committed in the next batch. VFS interfaces and man pages have
been in the repo since 4.0-RELEASE and are unchanged.
o ufs/ufs/extattr.h: UFS-specific extattr defines
o ufs/ufs/ufs_extattr.c: bulk of support routines
o ufs/{ufs,ffs,mfs}/*.[ch]: hooks and extattr.h includes
o contrib/softupdates/ffs_softdep.c: extattr.h includes
o conf/options, conf/files, i386/conf/LINT: added FFS_EXTATTR
o coda/coda_vfsops.c: XXX required extattr.h due to ufsmount.h
(This should not be the case, and will be fixed in a future commit)
Currently attributes are not supported in MFS. This will be fixed.
Reviewed by: adrian, bp, freebsd-fs, other unthanked souls
Obtained from: TrustedBSD Project
Diffstat (limited to 'sys/conf')
| -rw-r--r-- | sys/conf/NOTES | 5 | ||||
| -rw-r--r-- | sys/conf/files | 1 | ||||
| -rw-r--r-- | sys/conf/options | 5 |
3 files changed, 11 insertions, 0 deletions
diff --git a/sys/conf/NOTES b/sys/conf/NOTES index 629eebf..d68acb8 100644 --- a/sys/conf/NOTES +++ b/sys/conf/NOTES @@ -632,6 +632,11 @@ options DEVFS #devices filesystem # #options SOFTUPDATES +# Extended attributes allow additional data to be associated with files, +# and is used for ACLs, Capabilities, and MAC labels +# +options FFS_EXTATTR + # Make space in the kernel for a root filesystem on a md device. # Define to the number of kilobytes to reserve for the filesystem. options MD_ROOT_SIZE=10 diff --git a/sys/conf/files b/sys/conf/files index a0e1514..937b46b 100644 --- a/sys/conf/files +++ b/sys/conf/files @@ -857,6 +857,7 @@ ufs/mfs/mfs_vfsops.c optional mfs ufs/mfs/mfs_vnops.c optional mfs ufs/ufs/ufs_bmap.c standard ufs/ufs/ufs_disksubr.c standard +ufs/ufs/ufs_extattr.c standard ufs/ufs/ufs_ihash.c standard ufs/ufs/ufs_inode.c standard ufs/ufs/ufs_lookup.c standard diff --git a/sys/conf/options b/sys/conf/options index c200a94..d58c413 100644 --- a/sys/conf/options +++ b/sys/conf/options @@ -117,6 +117,11 @@ NWFS # otherwise a STUB module will be compiled in. SOFTUPDATES opt_ffs.h +# Enabling this option turns on support for extended attributes +# in FFS, which can be used to support high security configurations +# as well as new file system features. +FFS_EXTATTR opt_ffs.h + # The above static dependencies are planned removed, with a # <filesystem>_ROOT option to control if it usable as root. This list # allows these options to be present in config files already (though |
