Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
new with 4.13 : security.SMACK64': Operation not permitted
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
toralf
Developer
Developer


Joined: 01 Feb 2004
Posts: 3510
Location: Hamburg

PostPosted: Sat Sep 09, 2017 9:57 am    Post subject: new with 4.13 : security.SMACK64': Operation not permitted Reply with quote

With this kernel kernel I'm now faced with a new message if I move a file from /tmp (tmpfs) onto my BTRFS drive :
Code:
mv: setting attribute 'security.SMACK64' for 'security.SMACK64': Operation not permitted

Or overlooked I this just at earlier kernels ?
FWIW
Code:
t44 linux # zgrep -e BTRFS -e SMACK -e TMPFS /proc/config.gz
CONFIG_DEVTMPFS=y
CONFIG_DEVTMPFS_MOUNT=y
CONFIG_BTRFS_FS=y
CONFIG_BTRFS_FS_POSIX_ACL=y
# CONFIG_BTRFS_FS_CHECK_INTEGRITY is not set
# CONFIG_BTRFS_FS_RUN_SANITY_TESTS is not set
# CONFIG_BTRFS_DEBUG is not set
# CONFIG_BTRFS_ASSERT is not set
CONFIG_TMPFS=y
CONFIG_TMPFS_POSIX_ACL=y
CONFIG_TMPFS_XATTR=y
CONFIG_SECURITY_SMACK=y
# CONFIG_SECURITY_SMACK_BRINGUP is not set
# CONFIG_SECURITY_SMACK_APPEND_SIGNALS is not set
CONFIG_DEFAULT_SECURITY_SMACK=y
Back to top
View user's profile Send private message
eccerr0r
Watchman
Watchman


Joined: 01 Jul 2004
Posts: 6524
Location: almost Mile High in the USA

PostPosted: Sat Sep 09, 2017 6:08 pm    Post subject: Reply with quote

Looks new. I think this needs to be fixed in mv (coreutils), unsure if/when this will be fixed...
_________________
Intel Core i7 2700K@ 4.1GHz/HD3000 graphics/8GB DDR3/180GB SSD
What am I supposed watching?
Back to top
View user's profile Send private message
steveL
Advocate
Advocate


Joined: 13 Sep 2006
Posts: 4849
Location: The Peanut Gallery

PostPosted: Sat Sep 09, 2017 9:07 pm    Post subject: Reply with quote

I'd operate under YAGNI (You Ain't Gonna Need It) and turn it off altogether.
At minimum, you might want to turn it off as default, til you have tools that can grok it, and you actually want it.

If you don't know what it is, chances are you don't need it.
If you do need it later, chances are you'll get an emerge warning about it.

Or you already know you need it.

In any event, might want to check the Documentation and duckduckgo (or google) for more info.
IME that usually ends in YAGNI, though it's a fun waste of time^W^W^W^W^W fun to see what's coming up in kernel. ;-)
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum