| From: | Pavel Raiskup |
| Subject: | [Bug-tar] [PATCH] new XATTRS/SELinux/ACLs proposal |
| Date: | Fri, 17 Aug 2012 13:34:50 +0200 |

Hello, I would like to propose a set of patches adding support for
extended attributes, SELinux and POSIX ACLs to GNU tar. This proposal
has been improved a little bit since last time.

Overall, I'm attaching 5 patches -- the steps to get it working and
descriptions of the proposed patches are here:

0. Be sure you have applied the one-line patch:
   http://lists.gnu.org/archive/html/bug-tar/2012-08/msg00005.html
   Otherwise the bootstrap will fail (independently of the following
   patches).

1. Apply the 0001-*.patch - this just prepares bootstrap to apply two
   additional patches against upstream gnulib. It is all about
   *xattrat() wrappers that are handy due to the
   open()-like ~~> openat()-like conversion done in GNU tar.

   Note that this patch will become irrelevant once the following proposal
   becomes gnulib upstream (or I may prepare a patch adding this
   functionality directly into tar if my proposal is trashed):
   http://lists.gnu.org/archive/html/bug-gnulib/2012-08/msg00042.html

2. Apply the 0002-*.patch - this patch adds support for extended
   attributes to tar. This is a slightly modified version of the Red Hat
   patch that has been deployed in the Fedora distribution of tar for many
   years. AFAIK, a very similar patch is also compiled into Gentoo's tar.

   It is possible to disable this feature during the ./configure phase
   using the --without-xattrs option. It will disable the possibility of
   archiving/restoring extended attributes -- but it still allows tar
   to read (list) the archive contents (including tar --xattrs -tvvf)
   and does not print the "unknown extended header keyword" warning on
   error output when extended attributes are present in an archive.

   Inside this patch are also basic tests for this feature. Note that
   this will probably need some improvements from the portability
   perspective -- now these tests are simply skipped when the utilities
   needed for proper testing are missing on the system.

   When this feature is compiled in and tar is unable to write extended
   attributes onto the file system, the ENOTSUP warning may be silenced by
   using '--warning=no-xattr-write'.

   As is documented (patch #5), the default behaviour of tar will be that
   it stores all extended attributes when the '--xattrs' option is
   present, but it restores only the 'user.*' domain by default.
   Anyway, this may be controlled by --xattrs-include/--xattrs-exclude
   patterns. These options have non-state validity (when these are
   used they are valid for the whole list of files that is going to be
   stored/restored/listed).

   The --no-xattrs option is also present just for the situation where on
   some systems the --xattrs option may be enabled by default (hardwired or
   set in $TAR_OPTIONS). (Slightly different semantics from the
   --wildcards/--no-wildcards options, which have state behaviour.)

3. Apply 0003-*.patch - adding support for POSIX ACLs. This feature is
   fully compatible with classic Linux permissions but it is not ready
   to be used with the more detailed Solaris/NTFSv4 ACLs. Anyway, once
   these ACLs become widely used, it will be possible to handle them in
   parallel with POSIX. I hope that this feature is very useful for
   quite a lot of users that are already using POSIX ACLs.

   We are using the same header keywords in tar's posix archive format
   as star uses. POSIX ACLs are then portable between both tools, star and
   GNU tar.

   In the same way as in the --xattrs patch, the --no-acls option is added
   by this patch and, as before, possible warnings during writing of ACLs
   may be suppressed by using the '--warning=no-xattr-write' option.

   This feature may be disabled by --without-posix-acls during the
   ./configure phase.

4. Apply the 0004-*.patch - support for SELinux context activation.
   This feature uses the very same principles as --acls support.
   Again, this may be disabled by `./configure --without-selinux'.
   Possible writing errors may be suppressed using the same options and
   the --no-selinux option also exists to disable SELinux support in
   case this feature is turned on by default.

5. Apply the last patch 0005-*.patch which adds documentation for
   features brought by patches 0002/0003/0004.

6. ./bootstrap && ./configure && make

Some notes:

- there should be no forward dependency between patches (so the --xattrs
  are independent of --acls, acls are not dependent on selinux), anyway,
  it should be quite easy to make --acls/--selinux self-standing patches
  from this proposal if somebody wants.

- regarding listing of extended attributes, after a discussion here:
  http://lists.gnu.org/archive/html/bug-tar/2012-05/msg00001.html
  I have decided not to implement the YAML/fully parsable approach. The
  reason is that this proposed format was *very* easy to implement
  (does not break other listing features like multivolume headers and
  incremental backups) and in the parsable way it would be quite extensive
  work aside from extended attributes. Anyway, I think that it would be
  very nice to employ some yaml library (or other?) and propose the
  '--yaml' or '--parsable' option in future. I expect that this format
  will coexist with the current listing support.

  Anyway -- even now it is possible to parse tar's output. The problem is
  that it is quite a hard job to prepare a parser that will be able to
  guess what options the tar command was run with (but it is not
  impossible).

Please, could you look at the attached patches and tell me what needs to
be repaired before your acceptance? I'll be glad to fix what you
require.

Pavel

0001-Edit-of-bootstrap-to-automatically-prepare-gnulib.patch
Description: Text Data
0002-Support-for-extended-attributes-added.patch
Description: Text Data
0003-Support-for-POSIX-ACLs.patch
Description: Text Data
0004-SELinux-context-store-restore-list-support-added.patch
Description: Text Data
0005-Documentation-for-XATTRS-SELinux-POSIX-ACLs.patch
Description: Text Data
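
An added example, not part of the original post or of the attached patches: a small audit that lists the extended attributes recorded in a pax archive and reports which ones the restore default described above (only 'user.*' unless --xattrs-include/--xattrs-exclude patterns are given) would write back. It assumes xattrs are stored under the star-style `SCHILY.xattr.` pax keyword prefix, which the post does not spell out, and it models pattern matching with Python's fnmatch; the function names and the sample archive are constructed for illustration.

```python
import fnmatch
import io
import tarfile

# Assumed pax keyword prefix for xattrs (star-style); not stated in the post.
XATTR_PREFIX = "SCHILY.xattr."


def build_sample_archive():
    """Constructed sample: one member carrying two xattrs in its pax header."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w", format=tarfile.PAX_FORMAT) as tar:
        data = b"#!/bin/sh\n"
        info = tarfile.TarInfo("bin/tool")
        info.size = len(data)
        info.pax_headers = {
            XATTR_PREFIX + "user.origin": "build-host",
            XATTR_PREFIX + "security.capability": "constructed-value",
        }
        tar.addfile(info, io.BytesIO(data))
    buf.seek(0)
    return buf


def would_restore(name, include=(), exclude=()):
    """Model of the restore filter: include patterns replace the 'user.*'
    default, and exclude patterns then remove matches."""
    if include:
        included = any(fnmatch.fnmatchcase(name, p) for p in include)
    else:
        included = name.startswith("user.")
    excluded = any(fnmatch.fnmatchcase(name, p) for p in exclude)
    return included and not excluded


def audit(fileobj, include=(), exclude=()):
    """Map (member, xattr name) -> True if the filter would restore it."""
    report = {}
    with tarfile.open(fileobj=fileobj, mode="r:") as tar:
        for member in tar:
            for key in member.pax_headers:
                if key.startswith(XATTR_PREFIX):
                    name = key[len(XATTR_PREFIX):]
                    report[(member.name, name)] = would_restore(
                        name, include, exclude)
    return report


if __name__ == "__main__":
    for (path, attr), kept in sorted(audit(build_sample_archive()).items()):
        print(f"{path}: {attr} -> {'restore' if kept else 'skip'}")
```

Running the audit before extracting with a broad include pattern shows which non-'user.*' attributes, such as the 'security.*' namespace, an archive would set on the target system.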