rdiff-backup-users
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[rdiff-backup-users] Proposal for handling user/group ownership and ACLs

From: Ben Escoto
Subject: [rdiff-backup-users] Proposal for handling user/group ownership and ACLs
Date: Sun, 31 Aug 2003 02:50:56 -0700 
Hi, as all of you know one thing rdiff-backup tries to do is to
arrange files on one computer the way they were on another.  This can
lead to problems when the users and groups on the two computers (or
one computer at two different times) don't match.

For instance, suppose a file is owned by username 'foo' on machine1.
After backing up that file to machine2, without username 'foo', who
should own the file?  Or if a file has an ACL user:foo:rwx, what
should the remote ACL be if the system has no user foo?  Some of the
same problems can occur when restoring, if the users/groups have
changed between backup and restore.

Following is one possible way rdiff-backup could handle user and group
information as owners or in ACLs.  Comments/suggestions appreciated:

> 1.  For ownership and ACLs, normally record only user and group
>     names, not ids.  Record ids only if user/group names are not
>     available.
> 
> 2.  When mirroring or restoring, the default would be to:
> 
>     A.  Preserve the original user and group for ownership and ACLs.
>         If ownership preserving is impossible (because of lack of
>         permissions or missing groups), set to current user and
>         group.
>
>         If the original user/group name was not available, try to
>         preserve the user/group id.
>         
>         For ACLs, if a user or group is missing, just omit that
>         particular ACL entry.
> 
>     B.  However, accept two new options --username-mapping-file and
>         --groupname-mapping-file.  Each argument should be the name
>         of a file, where the file has the form:
>         
>         old_name_or_id1:new_name_or_id1
>         old_name_or_id2:new_name_or_id2
>         ...etc.
>         
>         If these arguments are given, behave as in A except instead
>         of trying to preserve the original unames/gnames, preserve
>         the mapped ones.  If both a user/group name and a uid/gid
>         match, follow the uname/gname mapping.

Finally, Greg Freemyer suggests a switch like --never-drop-acls (or
--error-out-on-ownership-acl-restoration-failure?) which causes
rdiff-backup to terminate unsuccessfully instead of omitting an ACL
entry whose user or group could not be mapped.


-- 
Ben Escoto

Attachment: pgpf4Y9YccYDW.pgp
Description: PGP signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]