Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

new with 4.13 : security.SMACK64': Operation not permitted
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
toralf
Developer
Developer


Joined: 01 Feb 2004
Posts: 3922
Location: Hamburg
PostPosted: Sat Sep 09, 2017 9:57 am    Post subject: new with 4.13 : security.SMACK64': Operation not permitted Reply with quote
With this kernel kernel I'm now faced with a new message if I move a file from /tmp (tmpfs) onto my BTRFS drive :
Code:
mv: setting attribute 'security.SMACK64' for 'security.SMACK64': Operation not permitted

Or overlooked I this just at earlier kernels ?
FWIW
Code:
t44 linux # zgrep -e BTRFS -e SMACK -e TMPFS /proc/config.gz
CONFIG_DEVTMPFS=y
CONFIG_DEVTMPFS_MOUNT=y
CONFIG_BTRFS_FS=y
CONFIG_BTRFS_FS_POSIX_ACL=y
# CONFIG_BTRFS_FS_CHECK_INTEGRITY is not set
# CONFIG_BTRFS_FS_RUN_SANITY_TESTS is not set
# CONFIG_BTRFS_DEBUG is not set
# CONFIG_BTRFS_ASSERT is not set
CONFIG_TMPFS=y
CONFIG_TMPFS_POSIX_ACL=y
CONFIG_TMPFS_XATTR=y
CONFIG_SECURITY_SMACK=y
# CONFIG_SECURITY_SMACK_BRINGUP is not set
# CONFIG_SECURITY_SMACK_APPEND_SIGNALS is not set
CONFIG_DEFAULT_SECURITY_SMACK=y
Back to top
View user's profile Send private message
eccerr0r
Watchman
Watchman


Joined: 01 Jul 2004
Posts: 9679
Location: almost Mile High in the USA
PostPosted: Sat Sep 09, 2017 6:08 pm    Post subject: Reply with quote
Looks new. I think this needs to be fixed in mv (coreutils), unsure if/when this will be fixed...
_________________
Intel Core i7 2700K/Radeon R7 250/24GB DDR3/256GB SSD
What am I supposed watching?
Back to top
View user's profile Send private message
steveL
Watchman
Watchman


Joined: 13 Sep 2006
Posts: 5153
Location: The Peanut Gallery
PostPosted: Sat Sep 09, 2017 9:07 pm    Post subject: Reply with quote
I'd operate under YAGNI (You Ain't Gonna Need It) and turn it off altogether.
At minimum, you might want to turn it off as default, til you have tools that can grok it, and you actually want it.

If you don't know what it is, chances are you don't need it.
If you do need it later, chances are you'll get an emerge warning about it.

Or you already know you need it.

In any event, might want to check the Documentation and duckduckgo (or google) for more info.
IME that usually ends in YAGNI, though it's a fun waste of time^W^W^W^W^W fun to see what's coming up in kernel. ;-)
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2024 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy