| 1 | Depends-On-Patch: acls.diff |
| 2 | |
| 3 | After applying the above patch and this one, run these commands for a |
| 4 | successful build: |
| 5 | |
| 6 | ./prepare-source |
| 7 | ./configure --enable-acl-support |
| 8 | make |
| 9 | |
| 10 | Philip Lowman wrote: |
| 11 | > Attached is a small patch which is meant to be applied to a copy of |
| 12 | > rsync which has already been patched with acl support (the acls.diff |
| 13 | > file in the patches folder). It allows the preservation of the delete, |
| 14 | > chmod, and chown bits which Adaptec has added to XFS on their SnapOS NAS |
| 15 | > units. This is nice for backing up files between different NAS units |
| 16 | > and preserving all of the Samba ACLs. |
| 17 | > |
| 18 | > I'm not sure how useful this patch will be because I'm not sure if any |
| 19 | > other NAS vendors have standardized on their extensions to POSIX ACLs to |
| 20 | > support Samba in the same manner that Adaptec has. FWIW, though, this |
| 21 | > will allow you to preserve acls when copying between different Adaptec |
| 22 | > based NAS units running SnapOS. |
| 23 | |
| 24 | I (Wayne) tweaked the patch for style and to avoid using SMB_* constants |
| 25 | with literal values were needed. |
| 26 | |
| 27 | I've also updated it to apply to the updated version of the acls.diff, |
| 28 | though I don't know if there might be some bits lost in the current |
| 29 | algorithm when using the file's mode bits to reconstruct a stripped ACL |
| 30 | entry. |
| 31 | |
| 32 | --- old/acls.c |
| 33 | +++ new/acls.c |
| 34 | @@ -325,6 +325,9 @@ static BOOL unpack_smb_acl(rsync_acl *ra |
| 35 | } |
| 36 | access = (sys_acl_get_perm(permset, SMB_ACL_READ) ? 4 : 0) |
| 37 | | (sys_acl_get_perm(permset, SMB_ACL_WRITE) ? 2 : 0) |
| 38 | + | (sys_acl_get_perm(permset, SMB_ACL_DELETE) ? 8 : 0) |
| 39 | + | (sys_acl_get_perm(permset, SMB_ACL_CHMOD) ? 16 : 0) |
| 40 | + | (sys_acl_get_perm(permset, SMB_ACL_CHOWN) ? 32 : 0) |
| 41 | | (sys_acl_get_perm(permset, SMB_ACL_EXECUTE) ? 1 : 0); |
| 42 | /* continue == done with entry; break == store in temporary ida list */ |
| 43 | switch (tag_type) { |
| 44 | @@ -419,6 +422,12 @@ static int store_access_in_entry(uchar a |
| 45 | |
| 46 | COE( sys_acl_get_permset,(entry, &permset) ); |
| 47 | COE( sys_acl_clear_perms,(permset) ); |
| 48 | + if (access & 32) |
| 49 | + COE( sys_acl_add_perm(permset, SMB_ACL_CHOWN) ); |
| 50 | + if (access & 16) |
| 51 | + COE( sys_acl_add_perm(permset, SMB_ACL_CHMOD) ); |
| 52 | + if (access & 8) |
| 53 | + COE( sys_acl_add_perm(permset, SMB_ACL_DELETE) ); |
| 54 | if (access & 4) |
| 55 | COE( sys_acl_add_perm,(permset, SMB_ACL_READ) ); |
| 56 | if (access & 2) |
| 57 | @@ -452,7 +461,7 @@ static BOOL pack_smb_acl(SMB_ACL_T *smb_ |
| 58 | |
| 59 | COE( sys_acl_create_entry,(smb_acl, &entry) ); |
| 60 | COE( sys_acl_set_tag_type,(entry, SMB_ACL_USER_OBJ) ); |
| 61 | - COE2( store_access_in_entry,(racl->user_obj & 7, entry) ); |
| 62 | + COE2( store_access_in_entry,(racl->user_obj & 077, entry) ); |
| 63 | |
| 64 | for (ida = racl->users.idas, count = racl->users.count; count--; ida++) { |
| 65 | COE( sys_acl_create_entry,(smb_acl, &entry) ); |
| 66 | @@ -463,7 +472,7 @@ static BOOL pack_smb_acl(SMB_ACL_T *smb_ |
| 67 | |
| 68 | COE( sys_acl_create_entry,(smb_acl, &entry) ); |
| 69 | COE( sys_acl_set_tag_type,(entry, SMB_ACL_GROUP_OBJ) ); |
| 70 | - COE2( store_access_in_entry,(racl->group_obj & 7, entry) ); |
| 71 | + COE2( store_access_in_entry,(racl->group_obj & 077, entry) ); |
| 72 | |
| 73 | for (ida = racl->groups.idas, count = racl->groups.count; count--; ida++) { |
| 74 | COE( sys_acl_create_entry,(smb_acl, &entry) ); |
| 75 | @@ -473,7 +482,7 @@ static BOOL pack_smb_acl(SMB_ACL_T *smb_ |
| 76 | } |
| 77 | |
| 78 | #ifdef ACLS_NEED_MASK |
| 79 | - mask_bits = racl->mask == NO_ENTRY ? racl->group_obj & 7 : racl->mask; |
| 80 | + mask_bits = racl->mask == NO_ENTRY ? racl->group_obj & 077 : racl->mask; |
| 81 | COE( sys_acl_create_entry,(smb_acl, &entry) ); |
| 82 | COE( sys_acl_set_tag_type,(entry, SMB_ACL_MASK) ); |
| 83 | COE2( store_access_in_entry,(mask_bits, entry) ); |
| 84 | @@ -487,7 +496,7 @@ static BOOL pack_smb_acl(SMB_ACL_T *smb_ |
| 85 | |
| 86 | COE( sys_acl_create_entry,(smb_acl, &entry) ); |
| 87 | COE( sys_acl_set_tag_type,(entry, SMB_ACL_OTHER) ); |
| 88 | - COE2( store_access_in_entry,(racl->other & 7, entry) ); |
| 89 | + COE2( store_access_in_entry,(racl->other & 077, entry) ); |
| 90 | |
| 91 | #ifdef DEBUG |
| 92 | if (sys_acl_valid(*smb_acl) < 0) |
| 93 | @@ -721,7 +730,7 @@ static void receive_rsync_acl(rsync_acl |
| 94 | while (count--) { |
| 95 | char tag = read_byte(f); |
| 96 | uchar access = read_byte(f); |
| 97 | - if (access & ~ (4 | 2 | 1)) { |
| 98 | + if (access & ~(32 | 16 | 8 | 4 | 2 | 1)) { |
| 99 | rprintf(FERROR, "receive_rsync_acl: bogus permset %o\n", |
| 100 | access); |
| 101 | exit_cleanup(RERR_STREAMIO); |
| 102 | @@ -797,7 +806,7 @@ static void receive_rsync_acl(rsync_acl |
| 103 | racl->mask = NO_ENTRY; |
| 104 | } |
| 105 | } else if (racl->mask == NO_ENTRY) /* Must be non-empty with lists. */ |
| 106 | - racl->mask = computed_mask_bits | (racl->group_obj & 7); |
| 107 | + racl->mask = computed_mask_bits | (racl->group_obj & 077); |
| 108 | } |
| 109 | |
| 110 | /* Receive the ACL info the sender has included for this file-list entry. */ |
| 111 | --- old/smb_acls.h |
| 112 | +++ new/smb_acls.h |
| 113 | @@ -33,6 +33,11 @@ |
| 114 | #define SMB_ACL_READ ACL_READ |
| 115 | #define SMB_ACL_WRITE ACL_WRITE |
| 116 | #define SMB_ACL_EXECUTE ACL_EXECUTE |
| 117 | +/* These are custom ACL bits used by Adaptec's modifications |
| 118 | + * to XFS on their SnapOS units. */ |
| 119 | +#define SMB_ACL_DELETE 0x08 |
| 120 | +#define SMB_ACL_CHMOD 0x10 |
| 121 | +#define SMB_ACL_CHOWN 0x20 |
| 122 | |
| 123 | /* Types of ACLs. */ |
| 124 | #define SMB_ACL_USER ACL_USER |