Add support for shipping extended attributes in debs

To: debian-dpkg@lists.debian.org
Subject: Add support for shipping extended attributes in debs
From: Matthew Garrett <mjg59@google.com>
Date: Tue, 1 May 2018 13:37:26 -0700
Message-id: <[🔎] 20180501203731.62577-1-mjg59@google.com>

This is currently something of a scratch proposal, but let's see where
it goes. This patchset adds support for shipping an mtree file within
debs, which (right now) is only used for writeout of extended
attributes. The idea is that additional metadata can be incorporated
into the mtree file, providing a unified format for metadata storage and
making it easy to compare the installed system state to the default
package state (and restore it if necessary).

I'm primarily interested in using this to ship security metadata in the
form of security.ima and security.evm, but this also provides a way to
ship file capabilities without requiring postinst to mess about with
setcap.

Reply to:

Follow-Ups:
- [PATCH 3/5] Add an implementation of base64
  - From: Matthew Garrett <mjg59@google.com>
- [PATCH 4/5] Allow (and require) absolute pathnames in mtree files
  - From: Matthew Garrett <mjg59@google.com>
- [PATCH 5/5] Add support for writing out extended attributes
  - From: Matthew Garrett <mjg59@google.com>
- [PATCH 2/5] Add extended attribute support to mtree
  - From: Matthew Garrett <mjg59@google.com>
- Re: Add support for shipping extended attributes in debs
  - From: Ian Jackson <ijackson@chiark.greenend.org.uk>
- Re: Add support for shipping extended attributes in debs
  - From: Matthew Garrett <mjg59@google.com>
- Re: Add support for shipping extended attributes in debs
  - From: Guillem Jover <guillem@debian.org>

Prev by Date: [PATCH 5/5] Add support for writing out extended attributes
Next by Date: [PATCH 2/5] Add extended attribute support to mtree
Previous by thread: Re: RFC: Support for zstd in .deb packages?
Next by thread: [PATCH 3/5] Add an implementation of base64
Index(es):
- Date
- Thread