On Mon, Aug 6, 2018 at 5:53 PM Steve Langasek <steve.langa...@ubuntu.com> wrote: > > Hi John, > > On Mon, Aug 06, 2018 at 10:09:53PM +0100, John Lenton wrote: > > On Mon, 6 Aug 2018 at 21:16, Steve Langasek <steve.langa...@ubuntu.com> > > wrote: > > > > I think it's exceedingly unlikely that anyone is going to unpack, and > > > subsequently boot, an Ubuntu root tarball on a filesystem that doesn't > > > support xattrs. All the filesystems that Ubuntu supports out of the box > > > as > > > rootfs (in terms of installers, and filesystem tools preinstalled) support > > > xattrs. > > > while this is strictly true, 'snap pack' and 'snapcraft pack' > > currently disable xattrs, and the store will not approve snaps that > > are built with xattrs. > > Thanks, that's a useful data point. Do you think it is a practical concern > for snaps if an Ubuntu rootfs uses fscaps? Is this an argument against > allowing fscaps in Ubuntu, or should it just be a matter for snapcraft to > warn/error about on creation, guiding users to using setuid instead? > > As a worked example: the core snap does ship /bin/ping, which is currently > setuid-root in Ubuntu but would move to fscaps in this proposal. (The core > snap does not include mtr-tiny.) What do you believe is the correct outcome > here for /bin/ping in a future ubuntu core 20 snap? >
The upcoming Fedora base snap is likely to require maintaining xattrs, since we heavily use fscaps, among many other things. So this requirement will likely change. -- 真実はいつも一つ!/ Always, there's only one truth! -- ubuntu-devel mailing list ubuntu-devel@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
