Gentoo Archives: gentoo-dev

From: Mike Frysinger <vapier@g.o>
To: gentoo-dev@l.g.o
Subject: [gentoo-dev] [rfc] enable USE=xattr by default
Date: Thu, 15 Oct 2015 03:48:19
Message-Id: 20151015034807.GK4446@vapier.lan
1 USE=xattr is needed nowadays to support:
2 - filesystem caps (those things that let you drop set*id and generally
3 improves system security w/little to no runtime overhead)
4 - PaX file markings (replaces binutils ELF markings)
5 - selinux
6
7 we actually have USE=filecaps on by default already, and catalyst
8 hard requires tar[xattr] in order to work. the hardened profile
9 also package.use.force's this flag on for some core packages.
10
11 not too many packages actually utilize this flag, and when they do,
12 it's to pull in the attr package which clocks in at <200 KiB. the
13 runtime overhead tends to be low to non-existent as xattrs tend to
14 be used only when requested.
15
16 when support is not available in the FS or kernel, packages should
17 generally fall back gracefully.
18
19 anyone opposed to flipping this flag on by default ?
20
21 reference:
22 https://bugs.gentoo.org/506198
23 https://bugs.gentoo.org/556408
24 -mike

Attachments

File name MIME type
signature.asc application/pgp-signature

Replies

Subject Author
Re: [gentoo-dev] [rfc] enable USE=xattr by default Jason Zaman <perfinion@g.o>
Re: [gentoo-dev] [rfc] enable USE=xattr by default Tobias Klausmann <klausman@g.o>
Re: [gentoo-dev] [rfc] enable USE=xattr by default "Anthony G. Basile" <blueness@g.o>