/tmp on tmpfs (was: Re: Summary/Minutes for today's FESCo meeting (2012-04-02))

Richard W.M. Jones rjones at redhat.com
Mon Apr 2 20:06:28 UTC 2012 

On Mon, Apr 02, 2012 at 04:04:23PM -0400, David Quigley wrote:
> On 04/02/2012 15:58, Richard W.M. Jones wrote:
> >On Mon, Apr 02, 2012 at 08:32:56PM +0200, Miloslav Trmač wrote:
> >>* #834 F18 Feature: /tmp on tmpfs -
> >>  http://fedoraproject.org/wiki/Features/tmp-on-tmpfs  (mitr,
> >>17:40:06)
> >>  * AGREED: tmp-on-tmpfs is accepted (+5 -3)  (mitr, 18:12:52)
> >
> >Actually I think this is a good feature, but ...
> >
> >The feature page is wrong about "The user experience should barely
> >change.  This is mostly a low-level change that has little visibility
> >to the user."
> >
> >tmpfs is different in a number of important ways:
> >
> > - it's very limited in space compared to a real disk
> >
> > - it doesn't support O_DIRECT
> >
> > - it doesn't support user extended attrs; and not very old kernels
> >   didn't support any xattrs at all, meaning things like SELinux
> >   labels don't work
> >
> >All this means it's going to need a bit more testing, since
> >potentially any package that stores a file on /tmp should be tested
> >and may need to be fixed.
> >
> >Rich.
> >
> >--
> >Richard Jones, Virtualization Group, Red Hat
> >http://people.redhat.com/~rjones
> >New in Fedora 11: Fedora Windows cross-compiler. Compile Windows
> >programs, test, and build Windows installers. Over 70 libraries
> >supprt'd
> >http://fedoraproject.org/wiki/MinGW
> >http://www.annexia.org/fedora_mingw
> 
> 
> I really need to remember to send with the right user identity for
> this list.
> 
> <resend of my message since its going to bounce>
> 
> That third part is not correct. tmpfs supports SELinux labels. If
> you mount a tmpfs filesystem you'll see it reports seclabel as one
> of the mount options. You can also just use chcon -t to set the type
> on any file you like. SELinux labels are stored in the security
> namespace which is separate from user extended attributes.

That's not what I said.  I said that relatively recent kernels (up to
the middle of last year) didn't support system.*, and tmpfs doesn't
support user.* at all AFAICT.

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
virt-top is 'top' for virtual machines.  Tiny program with many
powerful monitoring features, net stats, disk stats, logging, etc.
http://et.redhat.com/~rjones/virt-top

More information about the devel mailing list