FreeBSD does not permits manipulating extended attributes in the system
namespace by unprivileged accounts, even if account has appropriate
privileges to access filesystem object.
In Linux the system namespace is used to preserve posix acls. Some Gnu
coreutils binaries uses posix acls, eg, install, ls, cp. And fails if
we unexpectedly return EPERM error from xattr system calls.
In the other hands, in Linux read and write access to the system
namespace depend on the policy implemented for each filesystem, so we'll
mimics we're a filesystem that prohibits this for unpriveleged accounts.
Reported by: zirias
Tested by: zirias
MFC after: 1 week
(cherry picked from commit 11e37048db35d7fcfc285b867965de1aeefec2c8)
If size is specified as zero, these calls return the current size
of the list of extended attribute names (and leave list unchanged).
Tested by: zirias
MFC after: 1 week
(cherry picked from commit 18d1c86788f66f42c4e096142f4f8d168f68732c)
FreeBSD does not permits manipulating extended attributes in the system
namespace by unprivileged accounts, even if account has appropriate
privileges to access filesystem object.
In Linux the system namespace is used to preserve posix acls. Some Gnu
coreutils binaries uses posix acls, eg, install, ls. And fails if we
unexpectedly return EPERM error from xattr system calls.
In the other hands, in Linux read and write access to the system
namespace depend on the policy implemented for each filesystem, so we'll
mimics we're a filesystem that prohibits this for unpriveleged accounts.
Reported by: zirias
Tested by: zirias
MFC after: 1 week
(cherry picked from commit 1bfc4574f78653e4b64ac9dd31518c96a17fe52b)
On Linux ENODATA mean the named attribute does not exist, or the
process has no access to this attribute.
Reported by: zirias
PR: 273517
Tested by: zirias
MFC after: 1 week
(cherry picked from commit 4d59b790553ef75b9a4b6a673eab3354f3d012b3)
