| 1 | Depends-On-Patch: acls.diff |
| 2 | |
| 3 | After applying the above patch and this one, run these commands for a |
| 4 | successful build: |
| 5 | |
| 6 | ./prepare-source |
| 7 | ./configure --enable-acl-support |
| 8 | make |
| 9 | |
| 10 | Philip Lowman wrote: |
| 11 | > Attached is a small patch which is meant to be applied to a copy of |
| 12 | > rsync which has already been patched with acl support (the acls.diff |
| 13 | > file in the patches folder). It allows the preservation of the delete, |
| 14 | > chmod, and chown bits which Adaptec has added to XFS on their SnapOS NAS |
| 15 | > units. This is nice for backing up files between different NAS units |
| 16 | > and preserving all of the Samba ACLs. |
| 17 | > |
| 18 | > I'm not sure how useful this patch will be because I'm not sure if any |
| 19 | > other NAS vendors have standardized on their extensions to POSIX ACLs to |
| 20 | > support Samba in the same manner that Adaptec has. FWIW, though, this |
| 21 | > will allow you to preserve acls when copying between different Adaptec |
| 22 | > based NAS units running SnapOS. |
| 23 | |
| 24 | I (Wayne) tweaked the patch for style and to avoid using SMB_* constants |
| 25 | with literal values were needed. |
| 26 | |
| 27 | I've also updated it to apply to the updated version of the acls.diff, |
| 28 | though I don't know if there might be some bits lost in the current |
| 29 | algorithm when using the file's mode bits to reconstruct a stripped ACL |
| 30 | entry. |
| 31 | |
| 32 | --- old/acls.c |
| 33 | +++ new/acls.c |
| 34 | @@ -84,10 +84,10 @@ static int calc_sacl_entries(const rsync |
| 35 | |
| 36 | static int rsync_acl_get_perms(const rsync_acl *racl) |
| 37 | { |
| 38 | - /* Note that (ACL_NO_ENTRY & 7) is 0. */ |
| 39 | - return ((racl->user_obj & 7) << 6) |
| 40 | - + (((racl->mask != ACL_NO_ENTRY ? racl->mask : racl->group_obj) & 7) << 3) |
| 41 | - + (racl->other & 7); |
| 42 | + /* Note that (ACL_NO_ENTRY & 077) is 0. */ |
| 43 | + return ((racl->user_obj & 077) << 6) |
| 44 | + + (((racl->mask != ACL_NO_ENTRY ? racl->mask : racl->group_obj) & 077) << 3) |
| 45 | + + (racl->other & 077); |
| 46 | } |
| 47 | |
| 48 | static void rsync_acl_strip_perms(rsync_acl *racl) |
| 49 | @@ -178,6 +178,9 @@ static BOOL unpack_smb_acl(rsync_acl *ra |
| 50 | } |
| 51 | access = (sys_acl_get_perm(permset, SMB_ACL_READ) ? 4 : 0) |
| 52 | | (sys_acl_get_perm(permset, SMB_ACL_WRITE) ? 2 : 0) |
| 53 | + | (sys_acl_get_perm(permset, SMB_ACL_DELETE) ? 8 : 0) |
| 54 | + | (sys_acl_get_perm(permset, SMB_ACL_CHMOD) ? 16 : 0) |
| 55 | + | (sys_acl_get_perm(permset, SMB_ACL_CHOWN) ? 32 : 0) |
| 56 | | (sys_acl_get_perm(permset, SMB_ACL_EXECUTE) ? 1 : 0); |
| 57 | /* continue == done with entry; break == store in given idal */ |
| 58 | switch (tag_type) { |
| 59 | @@ -587,6 +590,12 @@ static int store_access_in_entry(uchar a |
| 60 | |
| 61 | COE( sys_acl_get_permset,(entry, &permset) ); |
| 62 | COE( sys_acl_clear_perms,(permset) ); |
| 63 | + if (access & 32) |
| 64 | + COE( sys_acl_add_perm(permset, SMB_ACL_CHOWN) ); |
| 65 | + if (access & 16) |
| 66 | + COE( sys_acl_add_perm(permset, SMB_ACL_CHMOD) ); |
| 67 | + if (access & 8) |
| 68 | + COE( sys_acl_add_perm(permset, SMB_ACL_DELETE) ); |
| 69 | if (access & 4) |
| 70 | COE( sys_acl_add_perm,(permset, SMB_ACL_READ) ); |
| 71 | if (access & 2) |
| 72 | @@ -619,7 +628,7 @@ static BOOL pack_smb_acl(SMB_ACL_T *smb_ |
| 73 | |
| 74 | COE( sys_acl_create_entry,(smb_acl, &entry) ); |
| 75 | COE( sys_acl_set_tag_type,(entry, SMB_ACL_USER_OBJ) ); |
| 76 | - COE2( store_access_in_entry,(racl->user_obj & 7, entry) ); |
| 77 | + COE2( store_access_in_entry,(racl->user_obj & 077, entry) ); |
| 78 | |
| 79 | for (ida = racl->users.idas, count = racl->users.count; |
| 80 | count--; ida++) { |
| 81 | @@ -631,7 +640,7 @@ static BOOL pack_smb_acl(SMB_ACL_T *smb_ |
| 82 | |
| 83 | COE( sys_acl_create_entry,(smb_acl, &entry) ); |
| 84 | COE( sys_acl_set_tag_type,(entry, SMB_ACL_GROUP_OBJ) ); |
| 85 | - COE2( store_access_in_entry,(racl->group_obj & 7, entry) ); |
| 86 | + COE2( store_access_in_entry,(racl->group_obj & 077, entry) ); |
| 87 | |
| 88 | for (ida = racl->groups.idas, count = racl->groups.count; |
| 89 | count--; ida++) { |
| 90 | @@ -652,7 +661,7 @@ static BOOL pack_smb_acl(SMB_ACL_T *smb_ |
| 91 | |
| 92 | COE( sys_acl_create_entry,(smb_acl, &entry) ); |
| 93 | COE( sys_acl_set_tag_type,(entry, SMB_ACL_OTHER) ); |
| 94 | - COE2( store_access_in_entry,(racl->other & 7, entry) ); |
| 95 | + COE2( store_access_in_entry,(racl->other & 077, entry) ); |
| 96 | |
| 97 | #ifdef DEBUG |
| 98 | if (sys_acl_valid(*smb_acl) < 0) |
| 99 | @@ -761,7 +770,7 @@ static void receive_rsync_acl(rsync_acl |
| 100 | while (count--) { |
| 101 | char tag = read_byte(f); |
| 102 | uchar access = read_byte(f); |
| 103 | - if (access & ~ (4 | 2 | 1)) { |
| 104 | + if (access & ~(32 | 16 | 8 | 4 | 2 | 1)) { |
| 105 | rprintf(FERROR, "receive_rsync_acl: bogus permset %o\n", |
| 106 | access); |
| 107 | exit_cleanup(RERR_STREAMIO); |
| 108 | @@ -834,7 +843,7 @@ static void receive_rsync_acl(rsync_acl |
| 109 | } else |
| 110 | #endif |
| 111 | if (racl->mask == ACL_NO_ENTRY) /* Always non-empty when needed. */ |
| 112 | - racl->mask = computed_mask_bits | (racl->group_obj & 7); |
| 113 | + racl->mask = computed_mask_bits | (racl->group_obj & 077); |
| 114 | } |
| 115 | |
| 116 | /* receive and build the rsync_acl_lists */ |
| 117 | --- old/smb_acls.h |
| 118 | +++ new/smb_acls.h |
| 119 | @@ -33,6 +33,11 @@ |
| 120 | #define SMB_ACL_READ ACL_READ |
| 121 | #define SMB_ACL_WRITE ACL_WRITE |
| 122 | #define SMB_ACL_EXECUTE ACL_EXECUTE |
| 123 | +/* These are custom ACL bits used by Adaptec's modifications |
| 124 | + * to XFS on their SnapOS units. */ |
| 125 | +#define SMB_ACL_DELETE 0x08 |
| 126 | +#define SMB_ACL_CHMOD 0x10 |
| 127 | +#define SMB_ACL_CHOWN 0x20 |
| 128 | |
| 129 | /* Types of ACLs. */ |
| 130 | #define SMB_ACL_USER ACL_USER |