Can someone advise how I can enable extended attributes in a "system" namespace within a jailed (or bhyve) environment? There was no guidance in "man jail" nor "man jail.conf".
Simple test >From the host or base system: # touch /a ; setextattr user t1 first /a ; getextattr user t1 /a /a first # touch /a ; setextattr system t2 second /a ; getextattr system t2 /a /a second Within a jail: # touch /a ; setextattr user t1 first /a ; getextattr user t1 /a /a first # touch /a ; setextattr system t2 second /a ; getextattr system t2 /a setextattr: /a: failed: Operation not permitted getextattr: /a: failed: Operation not permitted The impact of this is that SAMBA after 4.3 uses "system" namespace extended attributes; hence can not provision an Active Directory within a jailed environment. (For the inclined, this affects sysvol, and interestingly "rsync -x" is unable to copy extended attributes, so having consistent sysvols across a SAMBA domain may be a challenge) Regards, Dewayne. _______________________________________________ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"