1 |
USE=xattr is needed nowadays to support: |
2 |
- filesystem caps (those things that let you drop set*id and generally |
3 |
improves system security w/little to no runtime overhead) |
4 |
- PaX file markings (replaces binutils ELF markings) |
5 |
- selinux |
6 |
|
7 |
we actually have USE=filecaps on by default already, and catalyst |
8 |
hard requires tar[xattr] in order to work. the hardened profile |
9 |
also package.use.force's this flag on for some core packages. |
10 |
|
11 |
not too many packages actually utilize this flag, and when they do, |
12 |
it's to pull in the attr package which clocks in at <200 KiB. the |
13 |
runtime overhead tends to be low to non-existent as xattrs tend to |
14 |
be used only when requested. |
15 |
|
16 |
when support is not available in the FS or kernel, packages should |
17 |
generally fall back gracefully. |
18 |
|
19 |
anyone opposed to flipping this flag on by default ? |
20 |
|
21 |
reference: |
22 |
https://bugs.gentoo.org/506198 |
23 |
https://bugs.gentoo.org/556408 |
24 |
-mike |