bug-tar
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-tar] ACL support in git version of GNU tar

From: Markus Steinborn
Subject: Re: [Bug-tar] ACL support in git version of GNU tar
Date: Mon, 28 Jul 2014 14:17:47 +0200
User-agent: Mozilla/5.0 (X11; Linux i686; rv:28.0) Gecko/20100101 Firefox/28.0 SeaMonkey/2.25
I have rebased my patches to GNU tar 1.28 - clone the git repository git://gitorious.org/tar-fcaps/tar-fcaps.git to access them and look in the branch pu (ACL patches) and pu2 (Capabilities patch). 

If you wonder: I am using the version in branch "msteinborn-1.28".


Greetings from Germany

Markus Steinborn



Markus Steinborn wrote:

I've still no decision about the following - let me add one note to it:
Patch 2 of the series contained a bug - take the attached file as a replacement. 



Markus Steinborn wrote:

What about the following patches?

Markus Steinborn wrote

Hi,
I'd like to remember of the following bug report and to announce that I have finished patches for all these issues.
I have submitted my patches to redhat (as they currently apply clean on a redhat patched tar 1.27.1). See https://bugzilla.redhat.com/show_bug.cgi?id=1052876 for them.
If you are ready to accept that patches (and only then, currently I have quite limited time) I would rebase the patches to tar master.
I also want to remind of http://lists.gnu.org/archive/html/bug-tar/2013-04/msg00024.html: where "Paul Eggert" writes "That sort of thing all sounds reasonable, I guess. I'd like Sergey's opinion though.". What is your opinion to this, Sergey? 


Greetings from Germany

Markus Steinborn
GNU gv maintainer



Markus Steinborn schrieb:

Hi everybody,
Today I noticed that GNU tar (git master) now supports XATTRs, ACLs and SELINUX-Attributes. I am really pleased to read this in "git log". Congratualtions for this improvement. The improvements do not break star und redhat tar compatibility.
Having used Redhats patch for many years now (and an improved version which I made), I am able to enumerate a few points that IMHO need improvement: 


(1) tar archive creation with "--numeric-owner" option:
In this case, users are expectiing that the archive does not contain any symbolic owner name, so it can be extracted to an emoty hard disc on a system bootet e. g. by a rescue cd from Redhat. Current sitation is that ACLs still include the symbolic owner and not the numeric owner. 

This is quite trivial to fix:
Replace all ocurences of "val = acl_to_text(acl, &len);" by "val = acl_to_any_text(acl, 0, ',', ( numeric_owner_option?TEXT_NUMERIC_IDS:0));" and followed by "len=strlen(val);" after the "if (!val)" error-handling. 


Effect: Numeric owner is stored.

I'd like to note that this improvement is essential to me.



(2a) tar archive creation without "--numeric-owner" option:
In GNU tar 1.26, for every file the owner is stored both, symbolic and numeric. I would expect that ACLs are stored in both ways, too. star shows us how to do that:
star stores the numeric owner in a forth field of an acl: (e.g. "u:msteinbo:rwx:500").
(2b) tar extract should use the 4th field (discussed in point 2) in presence of "-numeric-owner".
This together with point (2) enabled users to restore an backup created without numeric owner option on a clean hard disc without passwd entries for the users (let's assume that /etc/passwd is contained in the archive so the operation makes sense).
I'd like to mention that this point would increase star compatibility a lot.
Optional (3): Do not store ACLs iff ACL contains just the normal user, group and other permissions, i. .e. the ACL is an compatibility ACL. 


What is your opinion on these points?


Greetings from Germany

Markus Steinborn
GNU gv maintainer
PS: "iff" is the usual abbreviation for "if and only if" and not a typo.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]