My version of Wesley W. Terpstra's patch.

[rsync/rsync-patches.git] / usermap.diff

This adds a --usermap and a --groupmap option.  See the man page for
more details.

To use this patch, run these commands for a successful build:

    patch -p1 <patches/usermap.diff
    ./configure                         (optional if already run)
    make

--- old/flist.c
+++ new/flist.c
@@ -63,6 +63,8 @@ extern int copy_links;
 extern int copy_unsafe_links;
 extern int protocol_version;
 extern int sanitize_paths;
+extern char *usermap;
+extern char *groupmap;
 extern struct stats stats;
 extern char *filesfrom_host;
 
@@ -733,7 +735,7 @@ static struct file_struct *recv_file_ent
 			uid = (uid_t)read_varint(f);
 			if (xflags & XMIT_USER_NAME_FOLLOWS)
 				uid = recv_user_name(f, uid);
-			else if (inc_recurse && am_root && !numeric_ids)
+			else if (inc_recurse && am_root && (!numeric_ids || usermap))
 				uid = match_uid(uid);
 		}
 	}
@@ -745,7 +747,7 @@ static struct file_struct *recv_file_ent
 			gid_flags = 0;
 			if (xflags & XMIT_GROUP_NAME_FOLLOWS)
 				gid = recv_group_name(f, gid, &gid_flags);
-			else if (inc_recurse && (!am_root || !numeric_ids))
+			else if (inc_recurse && (!am_root || !numeric_ids || groupmap))
 				gid = match_gid(gid, &gid_flags);
 		}
 	}
@@ -2045,8 +2047,13 @@ struct file_list *recv_file_list(int f)
 	int dstart, flags;
 	int64 start_read;
 
-	if (!first_flist)
+	if (!first_flist) {
 		rprintf(FLOG, "receiving file list\n");
+		if (usermap)
+			parse_name_map(usermap, 1);
+		if (groupmap)
+			parse_name_map(groupmap, 0);
+	}
 	if (show_filelist_p())
 		start_filelist_progress("receiving file list");
 	else if (inc_recurse && verbose && !am_server && !first_flist)
--- old/options.c
+++ new/options.c
@@ -164,6 +164,8 @@ char *rsync_path = RSYNC_PATH;
 char *backup_dir = NULL;
 char backup_dir_buf[MAXPATHLEN];
 char *sockopts = NULL;
+char *usermap = NULL;
+char *groupmap = NULL;
 int rsync_port = 0;
 int compare_dest = 0;
 int copy_dest = 0;
@@ -377,6 +379,8 @@ void usage(enum logcode F)
   rprintf(F,"     --delay-updates         put all updated files into place at transfer's end\n");
   rprintf(F," -m, --prune-empty-dirs      prune empty directory chains from the file-list\n");
   rprintf(F,"     --numeric-ids           don't map uid/gid values by user/group name\n");
+  rprintf(F,"     --usermap=STRING        custom username mapping\n");
+  rprintf(F,"     --groupmap=STRING       custom groupname mapping\n");
   rprintf(F,"     --timeout=TIME          set I/O timeout in seconds\n");
   rprintf(F," -I, --ignore-times          don't skip files that match in size and mod-time\n");
   rprintf(F,"     --size-only             skip files that match in size\n");
@@ -601,6 +605,8 @@ static struct poptOption long_options[] 
   {"no-s",             0,  POPT_ARG_VAL,    &protect_args, 0, 0, 0},
   {"numeric-ids",      0,  POPT_ARG_VAL,    &numeric_ids, 1, 0, 0 },
   {"no-numeric-ids",   0,  POPT_ARG_VAL,    &numeric_ids, 0, 0, 0 },
+  {"usermap",          0,  POPT_ARG_STRING, &usermap, 0, 0, 0 },
+  {"groupmap",         0,  POPT_ARG_STRING, &groupmap, 0, 0, 0 },
   {"timeout",          0,  POPT_ARG_INT,    &io_timeout, 0, 0, 0 },
   {"no-timeout",       0,  POPT_ARG_VAL,    &io_timeout, 0, 0, 0 },
   {"rsh",             'e', POPT_ARG_STRING, &shell_cmd, 0, 0, 0 },
@@ -1935,6 +1941,18 @@ void server_options(char **args, int *ar
 		args[ac++] = "--no-i-r";
 
 	if (am_sender) {
+		if (usermap) {
+			if (asprintf(&arg, "--usermap=%s", usermap) < 0)
+				goto oom;
+			args[ac++] = arg;
+		}
+
+		if (groupmap) {
+			if (asprintf(&arg, "--groupmap=%s", groupmap) < 0)
+				goto oom;
+			args[ac++] = arg;
+		}
+
 		if (ignore_existing)
 			args[ac++] = "--ignore-existing";
 
--- old/rsync.yo
+++ new/rsync.yo
@@ -379,6 +379,8 @@ to the detailed description below for a 
      --delay-updates         put all updated files into place at end
  -m, --prune-empty-dirs      prune empty directory chains from file-list
      --numeric-ids           don't map uid/gid values by user/group name
+     --usermap=STRING        custom username mapping
+     --groupmap=STRING       custom groupname mapping
      --timeout=TIME          set I/O timeout in seconds
  -I, --ignore-times          don't skip files that match size and time
      --size-only             skip files that match in size
@@ -1553,6 +1555,46 @@ from the source system is used instead. 
 the chroot setting affects rsync's ability to look up the names of the
 users and groups and what you can do about it.
 
+dit(bf(--usermap=STRING, --groupmap=STRING)) These options allow you to
+specify users and groups that should be mapped to other values by the
+receiving side.  The bf(STRING) is one or more bf(FROM):bf(TO) pairs of
+values separated by commas.  Any matching bf(FROM) value from the sender is
+replaced with a bf(TO) value from the receiver.  You may specify usernames
+or user IDs for the bf(FROM) and bf(TO) values, and the bf(FROM) value may
+also be a wild-card string, which will be matched against the sender's
+names (wild-cards do NOT match against ID numbers).  For example:
+
+verb(  --usermap=0:bin,wayne:admin,*:nobody --groupmap=usr:1,1:usr)
+
+The first match in the list is the one that is used.  You should not use
+multiple options of the same type, but instead include all the user
+mappings you need separated by commas to a single bf(--usermap) option,
+and likewise for groups with the bf(--groupmap) option.
+
+Note that the sender's name for the 0 user and group are not transmitted
+to the receiver, so you should either match these values using a 0, or use
+the names in effect on the receiving side.  All other bf(FROM) names match
+those in use on the sending side.  All bf(TO) names match those in use on
+the receiving side.
+
+Any IDs that do not have name on the sending side are treaded as having an
+empty name for the purpose of matching.  This allows them to be matched via
+a "*" as well as an empty name mapping.  For instance:
+
+verb(  --usermap=:nobody --groupmap=*:nobody)
+
+When the bf(--numeric-ids) option is used,the sender does not send any
+names, so all the IDs are treaded as having an empty name.  This means that
+you will need to specify numeric bf(FROM) values if you want to map these
+nameless IDs to different values.
+
+For the bf(--usermap) option to have any effect, the bf(-o) (bf(--owner))
+option must be used (or implied), and the receiver will need to be running
+as a super-user (see also the bf(--fake-super) option).  For the bf(--groupmap)
+option to have any effect, the bf(-g) (bf(--groups)) option must be used
+(or implied), and the receiver will need to have permissions to set that
+group.
+
 dit(bf(--timeout=TIMEOUT)) This option allows you to set a maximum I/O
 timeout in seconds. If no data is transferred for the specified time
 then rsync will exit. The default is 0, which means no timeout.
--- old/uidlist.c
+++ new/uidlist.c
@@ -24,6 +24,7 @@
  * are special. */
 
 #include "rsync.h"
+#include "ifuncs.h"
 #include "io.h"
 
 extern int verbose;
@@ -32,6 +33,8 @@ extern int preserve_uid;
 extern int preserve_gid;
 extern int preserve_acls;
 extern int numeric_ids;
+extern char *usermap;
+extern char *groupmap;
 
 #ifdef HAVE_GETGROUPS
 # ifndef GETGROUPS_T
@@ -41,6 +44,9 @@ extern int numeric_ids;
 
 #define GID_NONE ((gid_t)-1)
 
+#define NFLAGS_WILD_NAME_MATCH (1<<0)
+#define NFLAGS_NAME_MATCH (1<<1)
+
 struct idlist {
 	struct idlist *next;
 	char *name;
@@ -48,8 +54,8 @@ struct idlist {
 	uint16 flags;
 };
 
-static struct idlist *uidlist;
-static struct idlist *gidlist;
+static struct idlist *uidlist, *uidmap;
+static struct idlist *gidlist, *gidmap;
 
 static struct idlist *add_to_list(struct idlist **root, id_t id, char *name,
 				  id_t id2, uint16 flags)
@@ -84,22 +90,6 @@ static char *gid_to_name(gid_t gid)
 	return NULL;
 }
 
-static uid_t map_uid(uid_t id, char *name)
-{
-	uid_t uid;
-	if (id != 0 && name_to_uid(name, &uid))
-		return uid;
-	return id;
-}
-
-static gid_t map_gid(gid_t id, char *name)
-{
-	gid_t gid;
-	if (id != 0 && name_to_gid(name, &gid))
-		return gid;
-	return id;
-}
-
 static int is_in_group(gid_t gid)
 {
 #ifdef HAVE_GETGROUPS
@@ -159,34 +149,49 @@ static int is_in_group(gid_t gid)
 #endif
 }
 
-/* Add a uid to the list of uids.  Only called on receiving side. */
-static struct idlist *recv_add_uid(uid_t id, char *name)
+/* Add a uid/gid to its list of ids.  Only called on receiving side. */
+static struct idlist *recv_add_id(struct idlist **idmap_ptr, id_t id, char *name)
 {
-	uid_t id2 = name ? map_uid(id, name) : id;
 	struct idlist *node;
+	id_t id2;
 
-	node = add_to_list(&uidlist, id, name, id2, 0);
+	if (!name)
+		name = "";
 
-	if (verbose > 3) {
-		rprintf(FINFO, "uid %u(%s) maps to %u\n",
-			(unsigned)id, name ? name : "", (unsigned)id2);
+	for (node = *idmap_ptr; node; node = node->next) {
+		if (node->flags & NFLAGS_WILD_NAME_MATCH) {
+			if (!wildmatch(node->name, name))
+				continue;
+		} else if (node->flags & NFLAGS_NAME_MATCH) {
+			if (strcmp(node->name, name) != 0)
+				continue;
+		} else {
+			if (node->id != id)
+				continue;
+		}
+		break;
 	}
+	if (node)
+		id2 = node->id2;
+	else if (*name && id) {
+		if (idmap_ptr == &uidmap) {
+			uid_t uid;
+			id2 = name_to_uid(name, &uid) ? uid : id;
+		} else {
+			gid_t gid;
+			id2 = name_to_gid(name, &gid) ? gid : id;
+		}
+	} else
+		id2 = id;
 
-	return node;
-}
-
-/* Add a gid to the list of gids.  Only called on receiving side. */
-static struct idlist *recv_add_gid(gid_t id, char *name)
-{
-	gid_t id2 = name ? map_gid(id, name) : id;
-	struct idlist *node;
-
-	node = add_to_list(&gidlist, id, name, id2,
-		!am_root && !is_in_group(id2) ? FLAG_SKIP_GROUP : 0);
+	node = add_to_list(idmap_ptr, id, *name ? name : NULL, id2,
+		!am_root && idmap_ptr == &gidmap
+		&& !is_in_group(id2) ? FLAG_SKIP_GROUP : 0);
 
 	if (verbose > 3) {
-		rprintf(FINFO, "gid %u(%s) maps to %u\n",
-			(unsigned)id, name ? name : "", (unsigned)id2);
+		rprintf(FINFO, "%sid %u(%s) maps to %u\n",
+			idmap_ptr == &uidmap ? "u" : "g",
+			(unsigned)id, name, (unsigned)id2);
 	}
 
 	return node;
@@ -195,12 +200,9 @@ static struct idlist *recv_add_gid(gid_t
 /* this function is a definate candidate for a faster algorithm */
 uid_t match_uid(uid_t uid)
 {
-	static uid_t last_in, last_out;
+	static uid_t last_in = -1, last_out = -1;
 	struct idlist *list;
 
-	if (uid == 0)
-		return 0;
-
 	if (uid == last_in)
 		return last_out;
 
@@ -208,10 +210,13 @@ uid_t match_uid(uid_t uid)
 
 	for (list = uidlist; list; list = list->next) {
 		if (list->id == uid)
-			return last_out = list->id2;
+			break;
 	}
 
-	return last_out = uid;
+	if (!list)
+		list = recv_add_id(&uidmap, uid, NULL);
+
+	return last_out = list->id2;
 }
 
 gid_t match_gid(gid_t gid, uint16 *flags_ptr)
@@ -227,7 +232,7 @@ gid_t match_gid(gid_t gid, uint16 *flags
 				break;
 		}
 		if (!list)
-			list = recv_add_gid(gid, NULL);
+			list = recv_add_id(&gidmap, gid, NULL);
 		last = list;
 	}
 
@@ -316,7 +321,7 @@ uid_t recv_user_name(int f, uid_t uid)
 	if (!name)
 		out_of_memory("recv_user_name");
 	read_sbuf(f, name, len);
-	node = recv_add_uid(uid, name); /* node keeps name's memory */
+	node = recv_add_id(&uidmap, uid, name); /* node keeps name's memory */
 	return node->id2;
 }
 
@@ -328,7 +333,7 @@ gid_t recv_group_name(int f, gid_t gid, 
 	if (!name)
 		out_of_memory("recv_group_name");
 	read_sbuf(f, name, len);
-	node = recv_add_gid(gid, name); /* node keeps name's memory */
+	node = recv_add_id(&gidmap, gid, name); /* node keeps name's memory */
 	if (flags_ptr && node->flags & FLAG_SKIP_GROUP)
 		*flags_ptr |= FLAG_SKIP_GROUP;
 	return node->id2;
@@ -355,17 +360,96 @@ void recv_id_list(int f, struct file_lis
 
 	/* Now convert all the uids/gids from sender values to our values. */
 #ifdef SUPPORT_ACLS
-	if (preserve_acls && !numeric_ids)
+	if (preserve_acls && (!numeric_ids || usermap || groupmap))
 		match_acl_ids();
 #endif
-	if (am_root && preserve_uid && !numeric_ids) {
+	if (am_root && preserve_uid && (!numeric_ids || usermap)) {
 		for (i = 0; i < flist->used; i++)
 			F_OWNER(flist->files[i]) = match_uid(F_OWNER(flist->files[i]));
 	}
-	if (preserve_gid && (!am_root || !numeric_ids)) {
+	if (preserve_gid && (!am_root || !numeric_ids || groupmap)) {
 		for (i = 0; i < flist->used; i++) {
 			F_GROUP(flist->files[i]) = match_gid(F_GROUP(flist->files[i]),
 							     &flist->files[i]->flags);
 		}
 	}
 }
+
+void parse_name_map(char *map, int usernames)
+{
+	struct idlist **idmap_ptr = usernames ? &uidmap : &gidmap;
+	struct idlist **idlist_ptr = usernames ? &uidlist : &gidlist;
+	char *colon, *end, *cp = map + strlen(map);
+	id_t id1, id2;
+	uint16 flags;
+
+	while (1) {
+		end = cp;
+		while (cp > map && cp[-1] != ',') cp--;
+		if (!(colon = strchr(cp, ':'))) {
+			rprintf(FERROR, "No colon found in --%smap: %s\n",
+				usernames ? "user" : "group", cp);
+			exit_cleanup(RERR_SYNTAX);
+		}
+		*colon = '\0';
+
+		if (isDigit(cp)) {
+			if (strspn(cp, "0123456789") != (size_t)(colon - cp)) {
+			  bad_number:
+				rprintf(FERROR, "Invalid number in --%smap: %s\n",
+					usernames ? "user" : "group", cp);
+				exit_cleanup(RERR_SYNTAX);
+			}
+			flags = 0;
+			id1 = atoi(cp);
+		} else if (strpbrk(cp, "*[?")) {
+			flags = NFLAGS_WILD_NAME_MATCH;
+			id1 = 0;
+		} else {
+			flags = NFLAGS_NAME_MATCH;
+			id1 = 0;
+		}
+
+		if (isDigit(colon+1)) {
+			if (strspn(colon+1, "0123456789") != (size_t)(end - colon - 1)) {
+				cp = colon+1;
+				goto bad_number;
+			}
+			id2 = atoi(colon+1);
+		} else {
+			if (usernames) {
+				uid_t uid;
+				if (!name_to_uid(colon+1, &uid)) {
+				  bad_name:
+					rprintf(FERROR,
+						"Invalid name in --%smap: %s\n",
+						usernames ? "user" : "group",
+						colon+1);
+					exit_cleanup(RERR_SYNTAX);
+				}
+				id2 = uid;
+			} else {
+				gid_t gid;
+				if (!name_to_gid(colon+1, &gid))
+					goto bad_name;
+				id2 = gid;
+			}
+		}
+
+		add_to_list(idmap_ptr, id1, flags ? cp : NULL, id2, flags);
+		if (numeric_ids && !flags)
+			add_to_list(idlist_ptr, id1, NULL, id2, flags);
+
+		if (cp == map)
+			break;
+
+		*--cp = '\0'; /* replace comma */
+	}
+
+	/* The 0 user/group doesn't get its name sent, or add it explicitly. */
+	if (numeric_ids)
+		cp = NULL;
+	else
+		cp = usernames ? uid_to_name(0) : gid_to_name(0);
+	recv_add_id(idmap_ptr, 0, cp);
+}