| 1 | To use this patch, run these commands for a successful build: |
| 2 | |
| 3 | patch -p1 <patches/acls.diff |
| 4 | patch -p1 <patches/adaptec_acl_mods.diff |
| 5 | ./prepare-source |
| 6 | ./configure --enable-acl-support |
| 7 | make |
| 8 | |
| 9 | Philip Lowman wrote: |
| 10 | > Attached is a small patch which is meant to be applied to a copy of |
| 11 | > rsync which has already been patched with acl support (the acls.diff |
| 12 | > file in the patches folder). It allows the preservation of the delete, |
| 13 | > chmod, and chown bits which Adaptec has added to XFS on their SnapOS NAS |
| 14 | > units. This is nice for backing up files between different NAS units |
| 15 | > and preserving all of the Samba ACLs. |
| 16 | > |
| 17 | > I'm not sure how useful this patch will be because I'm not sure if any |
| 18 | > other NAS vendors have standardized on their extensions to POSIX ACLs to |
| 19 | > support Samba in the same manner that Adaptec has. FWIW, though, this |
| 20 | > will allow you to preserve acls when copying between different Adaptec |
| 21 | > based NAS units running SnapOS. |
| 22 | |
| 23 | I (Wayne) tweaked the patch for style and to avoid using SMB_* constants |
| 24 | with literal values were needed. |
| 25 | |
| 26 | I've also updated it to apply to the updated version of the acls.diff, |
| 27 | though I don't know if there might be some bits lost in the current |
| 28 | algorithm when using the file's mode bits to reconstruct a stripped ACL |
| 29 | entry. |
| 30 | |
| 31 | --- old/acls.c |
| 32 | +++ new/acls.c |
| 33 | @@ -306,6 +306,9 @@ static BOOL unpack_smb_acl(SMB_ACL_T sac |
| 34 | } |
| 35 | access = (sys_acl_get_perm(permset, SMB_ACL_READ) ? 4 : 0) |
| 36 | | (sys_acl_get_perm(permset, SMB_ACL_WRITE) ? 2 : 0) |
| 37 | + | (sys_acl_get_perm(permset, SMB_ACL_DELETE) ? 8 : 0) |
| 38 | + | (sys_acl_get_perm(permset, SMB_ACL_CHMOD) ? 16 : 0) |
| 39 | + | (sys_acl_get_perm(permset, SMB_ACL_CHOWN) ? 32 : 0) |
| 40 | | (sys_acl_get_perm(permset, SMB_ACL_EXECUTE) ? 1 : 0); |
| 41 | /* continue == done with entry; break == store in temporary ida list */ |
| 42 | switch (tag_type) { |
| 43 | @@ -400,6 +403,12 @@ static int store_access_in_entry(uchar a |
| 44 | |
| 45 | COE( sys_acl_get_permset,(entry, &permset) ); |
| 46 | COE( sys_acl_clear_perms,(permset) ); |
| 47 | + if (access & 32) |
| 48 | + COE( sys_acl_add_perm(permset, SMB_ACL_CHOWN) ); |
| 49 | + if (access & 16) |
| 50 | + COE( sys_acl_add_perm(permset, SMB_ACL_CHMOD) ); |
| 51 | + if (access & 8) |
| 52 | + COE( sys_acl_add_perm(permset, SMB_ACL_DELETE) ); |
| 53 | if (access & 4) |
| 54 | COE( sys_acl_add_perm,(permset, SMB_ACL_READ) ); |
| 55 | if (access & 2) |
| 56 | @@ -433,7 +442,7 @@ static BOOL pack_smb_acl(SMB_ACL_T *smb_ |
| 57 | |
| 58 | COE( sys_acl_create_entry,(smb_acl, &entry) ); |
| 59 | COE( sys_acl_set_tag_type,(entry, SMB_ACL_USER_OBJ) ); |
| 60 | - COE2( store_access_in_entry,(racl->user_obj & 7, entry) ); |
| 61 | + COE2( store_access_in_entry,(racl->user_obj & 077, entry) ); |
| 62 | |
| 63 | for (ida = racl->users.idas, count = racl->users.count; count--; ida++) { |
| 64 | COE( sys_acl_create_entry,(smb_acl, &entry) ); |
| 65 | @@ -444,7 +453,7 @@ static BOOL pack_smb_acl(SMB_ACL_T *smb_ |
| 66 | |
| 67 | COE( sys_acl_create_entry,(smb_acl, &entry) ); |
| 68 | COE( sys_acl_set_tag_type,(entry, SMB_ACL_GROUP_OBJ) ); |
| 69 | - COE2( store_access_in_entry,(racl->group_obj & 7, entry) ); |
| 70 | + COE2( store_access_in_entry,(racl->group_obj & 077, entry) ); |
| 71 | |
| 72 | for (ida = racl->groups.idas, count = racl->groups.count; count--; ida++) { |
| 73 | COE( sys_acl_create_entry,(smb_acl, &entry) ); |
| 74 | @@ -454,7 +463,7 @@ static BOOL pack_smb_acl(SMB_ACL_T *smb_ |
| 75 | } |
| 76 | |
| 77 | #ifdef ACLS_NEED_MASK |
| 78 | - mask_bits = racl->mask_obj == NO_ENTRY ? racl->group_obj & 7 : racl->mask_obj; |
| 79 | + mask_bits = racl->mask_obj == NO_ENTRY ? racl->group_obj & 077 : racl->mask_obj; |
| 80 | COE( sys_acl_create_entry,(smb_acl, &entry) ); |
| 81 | COE( sys_acl_set_tag_type,(entry, SMB_ACL_MASK) ); |
| 82 | COE2( store_access_in_entry,(mask_bits, entry) ); |
| 83 | @@ -468,7 +477,7 @@ static BOOL pack_smb_acl(SMB_ACL_T *smb_ |
| 84 | |
| 85 | COE( sys_acl_create_entry,(smb_acl, &entry) ); |
| 86 | COE( sys_acl_set_tag_type,(entry, SMB_ACL_OTHER) ); |
| 87 | - COE2( store_access_in_entry,(racl->other_obj & 7, entry) ); |
| 88 | + COE2( store_access_in_entry,(racl->other_obj & 077, entry) ); |
| 89 | |
| 90 | #ifdef DEBUG |
| 91 | if (sys_acl_valid(*smb_acl) < 0) |
| 92 | @@ -765,7 +774,7 @@ static void old_recv_rsync_acl(rsync_acl |
| 93 | while (count--) { |
| 94 | char tag = read_byte(f); |
| 95 | uchar access = read_byte(f); |
| 96 | - if (access & ~ (4 | 2 | 1)) { |
| 97 | + if (access & ~(32 | 16 | 8 | 4 | 2 | 1)) { |
| 98 | rprintf(FERROR, "old_recv_rsync_acl: bogus permset %o\n", |
| 99 | access); |
| 100 | exit_cleanup(RERR_STREAMIO); |
| 101 | @@ -831,7 +840,7 @@ static void old_recv_rsync_acl(rsync_acl |
| 102 | racl->mask_obj = NO_ENTRY; |
| 103 | } |
| 104 | } else if (racl->mask_obj == NO_ENTRY) /* Must be non-empty with lists. */ |
| 105 | - racl->mask_obj = computed_mask_bits | (racl->group_obj & 7); |
| 106 | + racl->mask_obj = computed_mask_bits | (racl->group_obj & 077); |
| 107 | } |
| 108 | |
| 109 | /* Receive the ACL info the sender has included for this file-list entry. */ |
| 110 | @@ -903,7 +912,7 @@ static uchar recv_acl_access(uchar *name |
| 111 | *name_follows_val = 0; |
| 112 | } |
| 113 | |
| 114 | - if (access & ~(4 | 2 | 1)) { |
| 115 | + if (access & ~(32 | 16 | 8 | 4 | 2 | 1)) { |
| 116 | rprintf(FERROR, "recv_acl_access: bogus permset %o\n", access); |
| 117 | exit_cleanup(RERR_STREAMIO); |
| 118 | } |
| 119 | --- old/lib/sysacls.h |
| 120 | +++ new/lib/sysacls.h |
| 121 | @@ -45,6 +45,11 @@ |
| 122 | #define SMB_ACL_READ ACL_READ |
| 123 | #define SMB_ACL_WRITE ACL_WRITE |
| 124 | #define SMB_ACL_EXECUTE ACL_EXECUTE |
| 125 | +/* These are custom ACL bits used by Adaptec's modifications |
| 126 | + * to XFS on their SnapOS units. */ |
| 127 | +#define SMB_ACL_DELETE 0x08 |
| 128 | +#define SMB_ACL_CHMOD 0x10 |
| 129 | +#define SMB_ACL_CHOWN 0x20 |
| 130 | |
| 131 | /* Types of ACLs. */ |
| 132 | #define SMB_ACL_USER ACL_USER |