bug-tar
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-tar] ACL support in git version of GNU tar

From: Joerg Schilling
Subject: Re: [Bug-tar] ACL support in git version of GNU tar
Date: Mon, 18 Mar 2013 15:11:38 +0100
User-agent: nail 11.22 3/20/05 
Markus Steinborn <address@hidden> wrote:

> Hi everybody,
>
> Today I noticed that GNU tar (git master) now supports XATTRs, ACLs and 
> SELINUX-Attributes. I am really pleased to read this in "git log". 
> Congratualtions for this improvement. The improvements do not break star 
> und redhat tar compatibility.
>
> Having used Redhats patch for many years now (and an improved version 
> which I made), I am able to enumerate a few points that IMHO need 
> improvement:
>
>
> (1) tar archive creation with "--numeric-owner" option:
>
> In this case, users are expectiing that the archive does not contain any 
> symbolic owner name, so it can be extracted to an emoty hard disc on a 
> system bootet e. g. by a rescue cd from Redhat. Current sitation is that 
> ACLs still include the symbolic owner and not the numeric owner.
>
> This is quite trivial to fix:
>
> Replace all ocurences of "val = acl_to_text(acl, &len);" by "val = 
> acl_to_any_text(acl, 0, ',', ( 
> numeric_owner_option?TEXT_NUMERIC_IDS:0));" and followed by 
> "len=strlen(val);" after the "if (!val)" error-handling.
>
>
> Effect: Numeric owner is stored.
>
> I'd like to note that this improvement is essential to me.

Why? 

Star introduced the -numeric option in 1993 to work in create list and extract 
mode. The ACL Support introduced in 2001 was created to behave in a similar way.

If gtar does the same, the best way would be to use -numeric in extract mode.


> (2a) tar archive creation without "--numeric-owner" option:
>
> In GNU tar 1.26, for every file the owner is stored both, symbolic and 
> numeric. I would expect that ACLs are stored in both ways, too. star 
> shows us how to do that:
>
> star stores the numeric owner in a forth field of an acl: (e.g. 
> "u:msteinbo:rwx:500").

Correct, this is an extension to the ACL format that was needed to allow ACLs 
to be archivable in a reliable way at all.



> (2b) tar extract should use the 4th field (discussed in point 2) in 
> presence of "-numeric-owner".
>
> This together with point (2) enabled users to restore an backup created 
> without numeric owner option on a clean hard disc without passwd entries 
> for the users (let's assume that /etc/passwd is contained in the archive 
> so the operation makes sense).
>
> I'd like to mention that this point would increase star compatibility a lot.

If there is not such behavior, the gtar implementation is of limited usablility.
There are two use cases:

1)      File servers that do not import nam services. This is rare toway with 
        NFSv4

2)      Deleted user credentials for old employees.
        This is something that happens frequently.


Jörg

-- 
 EMail:address@hidden (home) Jörg Schilling D-13353 Berlin
       address@hidden                (uni)  
       address@hidden (work) Blog: http://schily.blogspot.com/
 URL:  http://cdrecord.berlios.de/private/ ftp://ftp.berlios.de/pub/schily
reply via email to
[Prev in Thread] Current Thread [Next in Thread]