[Top] [All Lists]

attr vs. getfattr

To: xfs@xxxxxxxxxxx
Subject: attr vs. getfattr
From: Christian Kujau <lists@xxxxxxxxxxxxxxx>
Date: Thu, 7 Jun 2012 05:26:59 -0700 (PDT)
User-agent: Alpine 2.01 (DEB 1266 2009-07-14)

I have an issue with extended attributes on this machine (Debian/stable, 
2.6.32-5-amd64). This box is slowly being moved towards fully SELinux 
enabled and apparently some files have been labelled with SELinux 

# ls -l vnstat.conf
-rw-r--r--. 2 root root 2890 Jan 15 04:05 vnstat.conf

# ls -lZ vnstat.conf
-rw-r--r--. 2 root root unconfined_u:object_r:etc_t:s0 2890 Jan 15 04:05 

OK. But when I actually want to see the attributes, this happens:

# getfattr --dump vnstat.conf

I.e. "nothing" is printed. I understand there's "attr" specifically for 
XFS filesystems and at least it displays that there *is* an attribute 
stored, but it cannot get its value:

# attr -l vnstat.conf
Attribute "selinux" has a 31 byte value for vnstat.conf

# attr -g selinux vnstat.conf 
attr_get: No data available
Could not get "selinux" for vnstat.conf

Now that I know the attribute's name, I try to use "getfattr" to display 
its value:

# getfattr -n selinux vnstat.conf
vnstat.conf: selinux: Operation not supported

via strace:

getxattr("vnstat.conf", "selinux", 0x0, 0) = -1 EOPNOTSUPP (Operation not 

Can someone explain to me what's going on? The reason for all this that I 
actually want to remove the selinux attributes from some directories[0], 
but this isn't working either:

# attr -r selinux vnstat.conf 
attr_remove: No data available
Could not remove "selinux" for vnstat.conf

Tbh, I'm not too savvy with SELinux, but the system is in "permissive" 
mode, so it should not interfere:

# getenforce

# df -h .
Filesystem            Size  Used Avail Use% Mounted on
/dev/mapper/data       27G   25G  1.6G  95% /data

# grep /data /proc/mounts
/dev/mapper/data /data xfs 
rw,seclabel,nosuid,nodev,relatime,attr2,nobarrier,noquota 0 0
# grep /data /etc/mtab
/dev/mapper/data /data xfs rw,nosuid,nodev,nobarrier 0 0

# grep _XFS /boot/config-2.6.32-5-amd64 
# CONFIG_XFS_DEBUG is not set

Anyone got an idea what's going on here/what I am missing?


[0] Why? Because I want to rsync from a remote machine, where
    the files do NOT have SELinux attributes. In essence the same
    scenario as in https://bugzilla.redhat.com/show_bug.cgi?id=461486
BOFH excuse #359:

YOU HAVE AN I/O ERROR -> Incompetent Operator error

<Prev in Thread] Current Thread [Next in Thread>