bug#33644: [PATCH] cp --preserve=xattr: preserve NFSv4 ACL extended attr

bug-coreutils

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#33644: [PATCH] cp --preserve=xattr: preserve NFSv4 ACL extended attr

From:	Pádraig Brady
Subject:	bug#33644: [PATCH] cp --preserve=xattr: preserve NFSv4 ACL extended attributes
Date:	Sat, 2 Mar 2019 18:07:53 -0800
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0

tag 33644 notabug
close 33644
stop

rationale below...

On 12/02/19 04:03, Kamil Dudka wrote:
> On Monday, February 11, 2019 7:30:42 PM CET Pádraig Brady wrote:
>> On 11/02/19 03:50, Kamil Dudka wrote:
>>> I think that the information in xattr.conf is correct.  system.nfs4_acl is
>>> really an attribute one wants to copy when trying to preserve permissions.
>>
>> Right. What I was getting at was attr_copy_file() from libattr seems
>> to skip all entries in xattr.conf by default. I need to dig in to
>> see what's preserving system.posix_acl_access (these might be
>> implicitly generated upon attr reading for example).
> 
> I do not know the reasoning behind the default behavior of attr_copy_file().
> There is a comment before the function definition but it does not talk about
> NFSv4 ACLs:
> 
> http://git.savannah.nongnu.org/cgit/attr.git/tree/libattr/attr_copy_file.c?id=cb4786f1#n54
> 
>> My question was why does coreutils need to explicitly handle
>> the nfs4 acls if it doesn't need to handle the posix ones.
> 
> I think the answer is obvious.  cp is able preserve POSIX ACLs at a higher
> level (using gnulib's acl module, which uses libacl internally on Linux).
> There is, unfortunately, no such module (neither library) for NFSv4 ACLs.
> So copying the value of the low-level attribute is currently the only way
> to make cp preserve NFSv4 ACLs.

You used "obvious" and "ACLs" in the same email :)

Looking a bit more...

So attr_copy_file() copies all except those defined in /etc/xattr.conf

ACL xattrs are listed in that file with the rationale from a comment in libattr 
being:

 "ACLs are excluded by default because copying them between
  file systems with and without ACL support needs some
  additional logic so that no unexpected permissions result."

So the ACL handling specifically is deferred to libacl.
Now system.posix_acl_access is handled by libacl,
but system.nfs4_acl is not.
So I think the correct fix here is to remove the
nfs entries from /etc/xattr.conf, and then cp will copy.
This has the advantage of being configurable,
and also removes nfs4 specific handling from cp.
Any nfs4 specific handling should be in libacl.

thanks,
Pádraig

[Prev in Thread]

Current Thread

[Next in Thread]

bug#33644: [PATCH] cp --preserve=xattr: preserve NFSv4 ACL extended attributes, Pádraig Brady <=
- bug#33644: [PATCH] cp --preserve=xattr: preserve NFSv4 ACL extended attributes, Kamil Dudka, 2019/03/04

Prev by Date: bug#34713: Files vanishing when moving to different FS
Next by Date: bug#34700: rm refuses to remove files owned by the user, even in force mode
Previous by thread: bug#34713: Files vanishing when moving to different FS
Next by thread: bug#33644: [PATCH] cp --preserve=xattr: preserve NFSv4 ACL extended attributes
Index(es):
- Date
- Thread