On 12/29/12 2:08 PM, Eric Sandeen wrote:
> On 12/29/12 12:41 PM, fugazzi® wrote:
>> Hi everyone, I had a problem with xfsrestore not restoring Linux
>> on my system.
>> If I do "getcap ping" on my XFS file-system I normally get:
>> /usr/bin/ping = cap_net_raw+ep.
>> On the contrary, after a restore I get nothing, the capability is gone.
>> I tried with posix acls and they got restored correctly so the problem seems
>> to be only connected with capabilities.
>> This is annoying because after a restore I have to remember to re install
>> packages that used capabilities to have them back on, otherwise no ping with
>> normal user for example.
>> I use Arch Linux 64 bit with kernel 3.7.1 vanilla on a core2 quad system.
>> Hope this will be of help,
>> Thank you,
> I get the same thing on my RHEL6 box FWIW; I'll try to look into it.
Ok, here's what's going on; during the restore the cap does get set:
xfs_xattr_set/xfsrestore: name is capability, value is
xfs_xattr_set/xfsrestore: returns 0
but then it gets removed again:
xfs_xattr_set/xfsrestore: name is capability, value is (null)
xfs_xattr_set/xfsrestore: no value, removing, returning 0
Pid: 18041, comm: xfsrestore Tainted: GF O 3.8.0-rc2 #2
[<ffffffffa028de68>] xfs_xattr_set+0x118/0x120 [xfs]
so xfsrestore does set the capability, but then it does a chown which triggers
security_inode_killpriv() and removes it again. \o/
perhaps we just need to swap the order of the xattr restores and the chowns in
the xfsrestore process.