[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Add support for shipping extended attributes in debs

This is currently something of a scratch proposal, but let's see where
it goes. This patchset adds support for shipping an mtree file within
debs, which (right now) is only used for writeout of extended
attributes. The idea is that additional metadata can be incorporated
into the mtree file, providing a unified format for metadata storage and
making it easy to compare the installed system state to the default
package state (and restore it if necessary).

I'm primarily interested in using this to ship security metadata in the
form of security.ima and security.evm, but this also provides a way to
ship file capabilities without requiring postinst to mess about with

Reply to: