Date: Tue, 11 Apr 2000 12:28:51 -0400 (EDT) From: Robert Watson <robert@cyrus.watson.org> To: freebsd-arch@freebsd.org Subject: file system extended attributes support (fwd) Message-ID: <Pine.NEB.3.96L.1000411122816.34129F-100000@fledge.watson.org>
next in thread | raw e-mail | index | archive | help
---------- Forwarded message ---------- Date: Mon, 10 Apr 2000 01:39:41 -0400 (EDT) From: Robert Watson <robert@cyrus.watson.org> Reply-To: Robert Watson <robert+freebsd@cyrus.watson.org> To: freebsd-fs@freebsd.org Subject: file system extended attributes support As part of the supporting code base for a number of security-related projects on FreeBSD, I've hacked up extended attribute support for FreeBSD. This allows arbitrary named attributes to be associated with each inode, maintained by the kernel. In December, I committed APIs associated with this code to the FreeBSD repository, and now after a few months of testing and use, I'd like to commit the code itself to the repo. Doing so will facilitate the further development of a number of security-related projects, including the TrustedBSD MAC, ACL, and Capability support, as well as third party security code such as the NAI/TIS Labs FreeDTE code. This code is similar to the Quota code, in that it stores attributes in backing files in the file system (or in another file system), and may be enabled per-FFS partition. My feeling is that this approach allows maximum flexibility at this point in the life cycle of FreeBSD in terms of VFS maturity. As the support for stacked file systems matures, I'd be willing to reconsider the manner in which this is implemented. The current version of the code, diff'd from the main repo a few days ago on the 5.0-CURRENT (head) branch, is available for download at: http://www.trustedbsd.org/downloads/ It contains a great deal of #ifdef'd debugging code, but also contains some utilities that can be experimented with. I recommend reading the extattrctl man page first. The excessive debugging code will be stripped before committing, and once I'm confident that it works for more than just the four or five people who've used it thus far :-). Thanks, Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-fs" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1000411122816.34129F-100000>