On Mon, 9 Oct 2006, Stephan Wiesand wrote:

> This seems to happen if and only if SELinux is active. Adding a security 
> label to the 1-byte files with chcon also makes it use 8k on a non-SELinux 
> system.

Very interesting!  My test box got turned off so I can't trivially fiddle 
with the selinus settings atm but will once I get a chance.

>>  if I make slightly bigger files then the 'extra' blocks allocated also
>>  goes up (to 32K extra that I've seen).
>
> No idea though how the EAs can amount to 32k.

$ cd /tmp/
$ dd if=/dev/zero of=testing bs=100k count=500
500+0 records in
500+0 records out
$ ls -al testing
-rw-r--r--  1 jp107 other 51200000 Oct  9 19:21 testing
$ du -sk testing
50060   testing
$ ls -Z testing
-rw-r--r--  jp107    other    user_u:object_r:tmp_t            testing

Given how small the contexts are I thought they were squeezed into the 
inodes (at least some google searches suggest that this is the case for 
ext3).

TUV manuals mention -o context=,  -o fscontext= and -o defcontext=, for 
systems where you don't want xattr to be used (or where they simply arn't 
supported), so I'm hoping that I can set something to force it off rather 
than having to completely disable selinux (though if I do have to I won't 
lose *much* sleep over it...)

  -- Jon