[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ACLs



Very interesting.  Seems to be a common problem:

http://unix.stackexchange.com/questions/391/what-to-use-to-backup-files-preserving-acls

The getfacl/setfacl trick is my planB on this.  Fortunately our ACLs
over here aren't too complex.  I hope there's some other trick to fix
this.


-Mike

On Tue, Dec 10, 2013 at 9:58 PM, Tim Bishop <tim-lists@bishnet.net> wrote:
> Hi Mike,
>
> For what it's worth, it also doesn't work for me on FreeBSD. And what's
> more, it didn't work with tar either (which as I understand uses the
> same archive library). So either I'm doing something dumb, or something
> is broken. I'd expect the former :-)
>
> root:~ # ls -la file
> -rw-r--r--+ 1 root  wheel  5 Dec 10 20:50 file
>
> root:~ # getfacl file
> # file: file
> # owner: root
> # group: wheel
>           user:tdb:rwxp----------:------:allow
>             owner@:rw-p--aARWcCos:------:allow
>             group@:r-----a-R-c--s:------:allow
>          everyone@:r-----a-R-c--s:------:allow
>
> root:~ # tar -cpf file.tar file
> root:~ # rm file
> root:~ # tar -xpf file.tar
>
> root:~ # ls -la file
> -rw-r--r--  1 root  wheel  5 Dec 10 20:50 file
>
> root:~ # getfacl file
> # file: file
> # owner: root
> # group: wheel
>             owner@:rw-p--aARWcCos:------:allow
>             group@:r-----a-R-c--s:------:allow
>          everyone@:r-----a-R-c--s:------:allow
>
> I'd be interested to hear from others.
>
> Tim.
>
> On Tue, Dec 10, 2013 at 05:40:36PM +0100, Mike Kallies wrote:
>> Hello Tim,
>>
>> I used the -p option.
>>
>> e.g., below:
>>
>> mike@vm-mktest:~/tarsnap$ getfacl acltest/dir1/file3
>> # file: acltest/dir1/file3
>> # owner: mike
>> # group: mike
>> user::rw-
>> user:root:r--
>> group::rw-
>> mask::rw-
>> other::r--
>>
>> mike@vm-mktest:~/tarsnap$ tarsnap --keyfile ./acltest.key -c
>> --cachedir ./tarsnapcache/ -f aclbackup ./acltest
>> mike@vm-mktest:~/tarsnap$ mv acltest acltest.old
>> mike@vm-mktest:~/tarsnap$ tarsnap --keyfile ./acltest.key -p -x
>> --cachedir ./tarsnapcache/ -f aclbackup acltest
>> mike@vm-mktest:~/tarsnap$ getfacl acltest/dir1/file3
>> # file: acltest/dir1/file3
>> # owner: mike
>> # group: mike
>> user::rw-
>> group::rw-
>> other::r--
>>
>>
>> I've also tried:
>>   - backing up and restoring using sudo.
>>   - compiling and installing on an Ubuntu 12.04 LTS
>>
>> Tarsnap 1.0.35 in my tests.
>>
>> Thanks for any input,
>>
>> -Mike
>>
>>
>> On Tue, Dec 10, 2013 at 12:10 PM, Tim Bishop <tim-lists@bishnet.net> wrote:
>> > On Mon, Dec 09, 2013 at 02:41:11PM +0100, Mike Kallies wrote:
>> >> Not sure if this is just an issue for me, but ACLs on tarsnap are
>> >> giving me some trouble.
>> >>
>> >> I cross-compiled Tarsnap to run on an ARM box for a QNAP appliance, it
>> >> seems to work great.  The only problem is that ACLs are giving me
>> >> trouble.
>> >>
>> >> This is the original which was backed up then 'mv'ed to testfolder.orig:
>> >>
>> >> [/share/MD0_DATA] # getfacl testfolder.orig/test.txt
>> >> # file: testfolder.orig/test.txt
>> >> # owner: mike
>> >> # group: everyone
>> >> user::rwx
>> >> user:guest:---
>> >> group::rwx
>> >> group:dev:rwx
>> >> group:bots:r-x
>> >> mask::rwx
>> >> other::rwx
>> >>
>> >> This is the restore whcih was brought back to testfolder/test.txt
>> >> (along with the whole directory)
>> >>
>> >> [/share/MD0_DATA] # getfacl testfolder/test.txt
>> >> # file: testfolder/test.txt
>> >> # owner: mike
>> >> # group: everyone
>> >> user::rwx
>> >> group::rwx
>> >> other::rwx
>> >>
>> >>
>> >> As you can see the ACLs seem to be stripped, this applies to all the
>> >> other files and folders which were brought back.
>> >>
>> >> Anyone have any suggestions as to what I might try to troubleshoot?
>> >> Does anyone else have a problem with ACLs?  Did I break something
>> >> cross-compiling?
>> >
>> > What flags did you use when doing the restore? Did you use -p?
>> >
>> >      -p      (x mode only) Preserve file permissions.  Attempt to restore the
>> >              full permissions, including owner, file modes, file flags and
>> >              ACLs, if available, for each item extracted from the archive.  By
>> >              default, newly-created files are owned by the user running
>> >              tarsnap, the file mode is restored for newly-created regular
>> >              files, and all other types of entries receive default permis-
>> >              sions.  If tarsnap is being run by root, the default is to
>> >              restore the owner unless the -o option is also specified.
>> >
>> > Tim.
>> >
>> > --
>> > Tim Bishop
>> > http://www.bishnet.net/tim/
>> > PGP Key: 0x6C226B37FDF38D55
>> >
>
>
> Tim.
>
> --
> Tim Bishop
> http://www.bishnet.net/tim/
> PGP Key: 0x6C226B37FDF38D55
>