Closed Gottox closed 1 year ago
Hi!
Thanks for mentioning the library. The core parts of the SquashFS reading/writing in squashfs-tools-ng
are also expose in an LGPL licensed, shared library. Unit testing of the core library is sadly still largely lacking.
As I understand it, the idea of this ticket is basically what I meant in #3. Currently gensquashfs
can generate SELinux xattrs from an SELinux label file. Parsing of the label file is done through libselinux
. My idea for ticket #3 was to either construct something with a similar syntax, or somehow add support for that to the pack file.
As for ACLs: The SquashFS format does not support ACLs and ACLs are an independent concept from Xattrs. It's only an oddity of a few filesystems to implement ACLs through Xattrs. See also: #25 #45 #83
Thanks for mentioning the library. The core parts of the SquashFS reading/writing in squashfs-tools-ng are also expose in an LGPL licensed, shared library. Unit testing of the core library is sadly still largely lacking.
Hey, I just learned that the library is LGPL. Maybe it would've made another decision if I had known this beforehand. Anyway, for me it was a great exercise to implement it by myself.
As for ACLs: The SquashFS format does not support ACLs and ACLs are an independent concept from Xattrs. It's only an oddity of a few filesystems to implement ACLs through Xattrs. See also: #25 #45 #83
That's interesting. I thought that it was implemented through Xattr by default. Thanks for the clarification. ACLs aren't my usecase anyway, but supporting linux-caps would be awesome.
I'm the author of libhsqs, a BSD licensed clean room (readlonly) squashfs implementation. As the developer of this software I'd like to write proper tests. Currently I'm using mksquash to generate test images, but this tools has its limitations.
The problem I'm currently facing is, that 1. I can't unit-test the
trusted
andsecurity
namespaces of xattr without root and 2. the tests aren't stable across different systems and filesystems (especially tmpfs doesn't allow theuser
namespace).I looked into gensquashfs, which mostly solves the need for root privileges, but it lacks a way to allow setting xattr/capabilities/acl from a pack-file. It would be awesome, if I could set those values in this file.