Re: [Bug-tar] ACL support in git version of GNU tar
From: Joerg Schilling
Subject: Re: [Bug-tar] ACL support in git version of GNU tar
Date: Mon, 18 Mar 2013 15:11:38 +0100
User-agent: nail 11.22 3/20/05

Markus Steinborn <address@hidden> wrote:
> Hi everybody,
>
> Today I noticed that GNU tar (git master) now supports XATTRs, ACLs and
> SELINUX-Attributes. I am really pleased to read this in "git log".
> Congratulations for this improvement. The improvements do not break star
> and redhat tar compatibility.
>
> Having used Redhat's patch for many years now (and an improved version
> which I made), I am able to enumerate a few points that IMHO need
> improvement:
>
>
> (1) tar archive creation with "--numeric-owner" option:
>
> In this case, users are expecting that the archive does not contain any
> symbolic owner name, so it can be extracted to an empty hard disc on a
> system booted e.g. by a rescue cd from Redhat. Current situation is that
> ACLs still include the symbolic owner and not the numeric owner.
>
> This is quite trivial to fix:
>
> Replace all occurrences of "val = acl_to_text(acl, &len);" by "val =
> acl_to_any_text(acl, 0, ',', (
> numeric_owner_option?TEXT_NUMERIC_IDS:0));" and followed by
> "len=strlen(val);" after the "if (!val)" error-handling.
>
>
> Effect: Numeric owner is stored.
>
> I'd like to note that this improvement is essential to me.

Why?

Star introduced the -numeric option in 1993 to work in create, list and extract
mode. The ACL support introduced in 2001 was created to behave in a similar way.
If gtar does the same, the best way would be to use -numeric in extract mode.

> (2a) tar archive creation without "--numeric-owner" option:
>
> In GNU tar 1.26, for every file the owner is stored both, symbolic and
> numeric. I would expect that ACLs are stored in both ways, too. star
> shows us how to do that:
>
> star stores the numeric owner in a fourth field of an acl: (e.g.
> "u:msteinbo:rwx:500").

Correct, this is an extension to the ACL format that was needed to allow ACLs
to be archivable in a reliable way at all.

> (2b) tar extract should use the 4th field (discussed in point 2) in
> presence of "-numeric-owner".
>
> This together with point (2) enabled users to restore a backup created
> without numeric owner option on a clean hard disc without passwd entries
> for the users (let's assume that /etc/passwd is contained in the archive
> so the operation makes sense).
>
> I'd like to mention that this point would increase star compatibility a lot.

If there is no such behavior, the gtar implementation is of limited usability.

There are two use cases:

1) File servers that do not import name services. This is rare today with
   NFSv4
2) Deleted user credentials for old employees.
   This is something that happens frequently.

Jörg
--
EMail:address@hidden (home) Jörg Schilling D-13353 Berlin
address@hidden (uni)
address@hidden (work) Blog: http://schily.blogspot.com/
URL: http://cdrecord.berlios.de/private/ ftp://ftp.berlios.de/pub/schily
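
Added example, not part of the original messages and not code from GNU tar or star: a small C resolver for the four-field entry form quoted above ("u:msteinbo:rwx:500") and for the all-numeric qualifier form from point (1), showing which id an extractor ends up with in numeric and non-numeric mode. The function names, the constructed `lookup_uid` table (uid 1200) and the fallback to the numeric field when a name no longer resolves are assumptions of this example.

```c
#include <ctype.h>
#include <stdlib.h>
#include <string.h>

enum { ACL_BAD = -1, ACL_BY_NAME, ACL_BY_ID, ACL_OWNER };

/* Constructed stand-in for getpwnam(): the only account on the target system. */
static long lookup_uid(const char *name) {
    return strcmp(name, "msteinbo") == 0 ? 1200 : -1;
}

/* Parse a non-negative decimal id; -1 if the string is not purely numeric. */
static long parse_id(const char *s) {
    char *end;
    if (!isdigit((unsigned char)*s)) return -1;
    long v = strtol(s, &end, 10);
    return (*end || v > 2147483647L) ? -1 : v;
}

/* Resolve one "tag:qualifier:perms[:id]" user entry to a uid.
 * numeric != 0 models extraction with the numeric-owner option. */
int resolve_acl_user(const char *entry, int numeric, long *uid) {
    char buf[128], *f[4] = {0}, *p = buf;
    int n = 0;
    if (strlen(entry) >= sizeof buf) return ACL_BAD;
    strcpy(buf, entry);
    while (n < 4) {                       /* split on ':', keeping empty fields */
        f[n++] = p;
        if (!(p = strchr(p, ':'))) break;
        *p++ = '\0';
    }
    if (n < 3 || p) return ACL_BAD;       /* too few or too many fields */
    if (*f[1] == '\0') return ACL_OWNER;  /* "u::rwx" is the file owner's entry */

    /* Numeric id: 4th field (star form) or an all-digit qualifier (point 1). */
    long id = parse_id(n == 4 ? f[3] : f[1]);
    if (n == 4 && id < 0) return ACL_BAD; /* 4th field present but not a number */

    if (!numeric) {                       /* prefer the name when it still exists */
        long byname = lookup_uid(f[1]);
        if (byname >= 0) { *uid = byname; return ACL_BY_NAME; }
    }
    if (id < 0) return ACL_BAD;           /* unknown name and nothing numeric */
    *uid = id;                            /* assumed fallback for deleted accounts */
    return ACL_BY_ID;
}
```

With the constructed table, the same entry grants access to uid 1200 when resolved by name and to uid 500 when resolved numerically, which is the mismatch a restore onto a system with different or missing passwd entries has to account for.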