From owner-freebsd-arch Tue Apr 11 9:29:50 2000 Delivered-To: freebsd-arch@freebsd.org Received: from ns1.yes.no (ns1.yes.no [195.204.136.10]) by hub.freebsd.org (Postfix) with ESMTP id DF6DE37B7B0 for ; Tue, 11 Apr 2000 09:29:45 -0700 (PDT) (envelope-from eivind@bitbox.follo.net) Received: from bitbox.follo.net (bitbox.follo.net [195.204.143.218]) by ns1.yes.no (8.9.3/8.9.3) with ESMTP id SAA15711 for ; Tue, 11 Apr 2000 18:29:46 +0200 (CEST) Received: (from eivind@localhost) by bitbox.follo.net (8.8.8/8.8.6) id SAA08169 for freebsd-arch@freebsd.org; Tue, 11 Apr 2000 18:29:42 +0200 (CEST) Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id 8A0B337BABC for ; Tue, 11 Apr 2000 09:28:53 -0700 (PDT) (envelope-from robert@cyrus.watson.org) Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.9.3/8.9.3) with SMTP id MAA37293 for ; Tue, 11 Apr 2000 12:28:51 -0400 (EDT) (envelope-from robert@cyrus.watson.org) Date: Tue, 11 Apr 2000 12:28:51 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org Reply-To: Robert Watson To: freebsd-arch@freebsd.org Subject: file system extended attributes support (fwd) Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG ---------- Forwarded message ---------- Date: Mon, 10 Apr 2000 01:39:41 -0400 (EDT) From: Robert Watson Reply-To: Robert Watson To: freebsd-fs@freebsd.org Subject: file system extended attributes support As part of the supporting code base for a number of security-related projects on FreeBSD, I've hacked up extended attribute support for FreeBSD. This allows arbitrary named attributes to be associated with each inode, maintained by the kernel. In December, I committed APIs associated with this code to the FreeBSD repository, and now after a few months of testing and use, I'd like to commit the code itself to the repo. Doing so will facilitate the further development of a number of security-related projects, including the TrustedBSD MAC, ACL, and Capability support, as well as third party security code such as the NAI/TIS Labs FreeDTE code. This code is similar to the Quota code, in that it stores attributes in backing files in the file system (or in another file system), and may be enabled per-FFS partition. My feeling is that this approach allows maximum flexibility at this point in the life cycle of FreeBSD in terms of VFS maturity. As the support for stacked file systems matures, I'd be willing to reconsider the manner in which this is implemented. The current version of the code, diff'd from the main repo a few days ago on the 5.0-CURRENT (head) branch, is available for download at: http://www.trustedbsd.org/downloads/ It contains a great deal of #ifdef'd debugging code, but also contains some utilities that can be experimented with. I recommend reading the extattrctl man page first. The excessive debugging code will be stripped before committing, and once I'm confident that it works for more than just the four or five people who've used it thus far :-). Thanks, Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-fs" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message