1 This patch adds backward-compatibility support for the --acls option.
2 Since the main release has never had ACL support, the trunk doesn't
3 need this code. If you want to make rsync 3.0.x communicate with an
4 older (patched) release, use this.
6 To use this patch, run these commands for a successful build:
8 patch -p1 <patches/acls.diff
9 ./configure (optional if already run)
14 @@ -90,6 +90,18 @@ static const char *str_acl_type(SMB_ACL_
15 : "unknown SMB_ACL_TYPE_T";
18 +#define OTHER_TYPE(t) (SMB_ACL_TYPE_ACCESS+SMB_ACL_TYPE_DEFAULT-(t))
19 +#define BUMP_TYPE(t) ((t = OTHER_TYPE(t)) == SMB_ACL_TYPE_DEFAULT)
21 +static int old_count_racl_entries(const rsync_acl *racl)
23 + return racl->users.count + racl->groups.count
24 + + (racl->user_obj != NO_ENTRY)
25 + + (racl->group_obj != NO_ENTRY)
26 + + (racl->mask_obj != NO_ENTRY)
27 + + (racl->other_obj != NO_ENTRY);
30 static int calc_sacl_entries(const rsync_acl *racl)
32 /* A System ACL always gets user/group/other permission entries. */
33 @@ -545,6 +557,91 @@ int get_acl(const char *fname, statx *sx
37 +/* === OLD Send functions === */
39 +/* Send the ida list over the file descriptor. */
40 +static void old_send_ida_entries(int f, const ida_entries *idal, char tag_char)
43 + size_t count = idal->count;
44 + for (ida = idal->idas; count--; ida++) {
45 + write_byte(f, tag_char);
46 + write_byte(f, ida->access);
47 + write_int(f, ida->id);
48 + if (tag_char == 'U')
55 +/* Send an rsync ACL over the file descriptor. */
56 +static void old_send_rsync_acl(int f, const rsync_acl *racl)
58 + size_t count = old_count_racl_entries(racl);
59 + write_int(f, count);
60 + if (racl->user_obj != NO_ENTRY) {
62 + write_byte(f, racl->user_obj);
64 + old_send_ida_entries(f, &racl->users, 'U');
65 + if (racl->group_obj != NO_ENTRY) {
67 + write_byte(f, racl->group_obj);
69 + old_send_ida_entries(f, &racl->groups, 'G');
70 + if (racl->mask_obj != NO_ENTRY) {
72 + write_byte(f, racl->mask_obj);
74 + if (racl->other_obj != NO_ENTRY) {
76 + write_byte(f, racl->other_obj);
80 +/* Send the ACL from the statx structure down the indicated file descriptor.
81 + * This also frees the ACL data. */
82 +void old_send_acl(statx *sxp, int f)
84 + SMB_ACL_TYPE_T type;
85 + rsync_acl *racl, *new_racl;
86 + item_list *racl_list;
89 + type = SMB_ACL_TYPE_ACCESS;
90 + racl = sxp->acc_acl;
91 + racl_list = &access_acl_list;
94 + racl = new(rsync_acl);
96 + out_of_memory("send_acl");
97 + *racl = empty_rsync_acl;
98 + if (type == SMB_ACL_TYPE_ACCESS) {
99 + rsync_acl_fake_perms(racl, sxp->st.st_mode);
100 + sxp->acc_acl = racl;
102 + sxp->def_acl = racl;
105 + if ((ndx = find_matching_rsync_acl(racl, type, racl_list)) != -1) {
106 + write_byte(f, type == SMB_ACL_TYPE_ACCESS ? 'a' : 'd');
109 + new_racl = EXPAND_ITEM_LIST(racl_list, rsync_acl, 1000);
110 + write_byte(f, type == SMB_ACL_TYPE_ACCESS ? 'A' : 'D');
111 + old_send_rsync_acl(f, racl);
113 + *racl = empty_rsync_acl;
115 + racl = sxp->def_acl;
116 + racl_list = &default_acl_list;
117 + } while (BUMP_TYPE(type) && S_ISDIR(sxp->st.st_mode));
122 /* === Send functions === */
124 /* The general strategy with the tag_type <-> character mapping is that
125 @@ -631,6 +728,10 @@ static void send_rsync_acl(rsync_acl *ra
126 * This also frees the ACL data. */
127 void send_acl(statx *sxp, int f)
129 + if (protocol_version < 30) {
130 + old_send_acl(sxp, f);
135 sxp->acc_acl = create_racl();
136 @@ -649,6 +750,146 @@ void send_acl(statx *sxp, int f)
140 +/* === OLD Receive functions */
142 +static void old_recv_rsync_acl(rsync_acl *racl, int f)
144 + static item_list temp_ida_list = EMPTY_ITEM_LIST;
145 + SMB_ACL_TAG_T tag_type = 0, prior_list_type = 0;
146 + uchar computed_mask_bits = 0;
150 + if (!(count = read_int(f)))
154 + char tag = read_byte(f);
155 + uchar access = read_byte(f);
156 + if (access & ~ (4 | 2 | 1)) {
157 + rprintf(FERROR, "old_recv_rsync_acl: bogus permset %o\n",
159 + exit_cleanup(RERR_STREAMIO);
163 + if (racl->user_obj != NO_ENTRY) {
164 + rprintf(FERROR, "old_recv_rsync_acl: error: duplicate USER_OBJ entry\n");
165 + exit_cleanup(RERR_STREAMIO);
167 + racl->user_obj = access;
170 + tag_type = SMB_ACL_USER;
173 + if (racl->group_obj != NO_ENTRY) {
174 + rprintf(FERROR, "old_recv_rsync_acl: error: duplicate GROUP_OBJ entry\n");
175 + exit_cleanup(RERR_STREAMIO);
177 + racl->group_obj = access;
180 + tag_type = SMB_ACL_GROUP;
183 + if (racl->mask_obj != NO_ENTRY) {
184 + rprintf(FERROR, "old_recv_rsync_acl: error: duplicate MASK entry\n");
185 + exit_cleanup(RERR_STREAMIO);
187 + racl->mask_obj = access;
190 + if (racl->other_obj != NO_ENTRY) {
191 + rprintf(FERROR, "old_recv_rsync_acl: error: duplicate OTHER entry\n");
192 + exit_cleanup(RERR_STREAMIO);
194 + racl->other_obj = access;
197 + rprintf(FERROR, "old_recv_rsync_acl: unknown tag %c\n",
199 + exit_cleanup(RERR_STREAMIO);
201 + if (tag_type != prior_list_type) {
202 + if (prior_list_type)
203 + save_idas(racl, prior_list_type, &temp_ida_list);
204 + prior_list_type = tag_type;
206 + ida = EXPAND_ITEM_LIST(&temp_ida_list, id_access, -10);
207 + ida->access = access;
208 + ida->id = read_int(f);
209 + computed_mask_bits |= access;
211 + if (prior_list_type)
212 + save_idas(racl, prior_list_type, &temp_ida_list);
214 + if (!racl->users.count && !racl->groups.count) {
215 + /* If we received a superfluous mask, throw it away. */
216 + if (racl->mask_obj != NO_ENTRY) {
217 + /* Mask off the group perms with it first. */
218 + racl->group_obj &= racl->mask_obj | NO_ENTRY;
219 + racl->mask_obj = NO_ENTRY;
221 + } else if (racl->mask_obj == NO_ENTRY) /* Must be non-empty with lists. */
222 + racl->mask_obj = computed_mask_bits | (racl->group_obj & 7);
225 +/* Receive the ACL info the sender has included for this file-list entry. */
226 +void old_recv_acl(struct file_struct *file, int f)
228 + SMB_ACL_TYPE_T type;
229 + item_list *racl_list;
231 + if (S_ISLNK(file->mode))
234 + type = SMB_ACL_TYPE_ACCESS;
235 + racl_list = &access_acl_list;
237 + char tag = read_byte(f);
240 + if (tag == 'A' || tag == 'a') {
241 + if (type != SMB_ACL_TYPE_ACCESS) {
242 + rprintf(FERROR, "receive_acl %s: duplicate access ACL\n",
243 + f_name(file, NULL));
244 + exit_cleanup(RERR_STREAMIO);
246 + } else if (tag == 'D' || tag == 'd') {
247 + if (type == SMB_ACL_TYPE_ACCESS) {
248 + rprintf(FERROR, "receive_acl %s: expecting access ACL; got default\n",
249 + f_name(file, NULL));
250 + exit_cleanup(RERR_STREAMIO);
253 + rprintf(FERROR, "receive_acl %s: unknown ACL type tag: %c\n",
254 + f_name(file, NULL), tag);
255 + exit_cleanup(RERR_STREAMIO);
257 + if (tag == 'A' || tag == 'D') {
259 + ndx = racl_list->count;
260 + duo_item = EXPAND_ITEM_LIST(racl_list, acl_duo, 1000);
261 + duo_item->racl = empty_rsync_acl;
262 + old_recv_rsync_acl(&duo_item->racl, f);
263 + duo_item->sacl = NULL;
266 + if (ndx < 0 || (size_t)ndx >= racl_list->count) {
267 + rprintf(FERROR, "receive_acl %s: %s ACL index %d out of range\n",
268 + f_name(file, NULL), str_acl_type(type), ndx);
269 + exit_cleanup(RERR_STREAMIO);
272 + if (type == SMB_ACL_TYPE_ACCESS)
275 + F_DEF_ACL(file) = ndx;
276 + racl_list = &default_acl_list;
277 + } while (BUMP_TYPE(type) && S_ISDIR(file->mode));
280 /* === Receive functions === */
282 static uchar recv_acl_access(uchar *name_follows_val, int f)
283 @@ -768,6 +1009,11 @@ static int recv_rsync_acl(item_list *rac
284 /* Receive the ACL info the sender has included for this file-list entry. */
285 void receive_acl(struct file_struct *file, int f)
287 + if (protocol_version < 30) {
288 + old_recv_acl(file, f);
292 F_ACL(file) = recv_rsync_acl(&access_acl_list, SMB_ACL_TYPE_ACCESS, f);
294 if (S_ISDIR(file->mode))
297 @@ -111,13 +111,6 @@ void setup_protocol(int f_out,int f_in)
299 exit_cleanup(RERR_PROTOCOL);
301 - if (preserve_acls) {
303 - "--acls requires protocol 30 or higher"
304 - " (negotiated %d).\n",
306 - exit_cleanup(RERR_PROTOCOL);
310 if (delete_mode && !(delete_before+delete_during+delete_after)) {
311 --- old/testsuite/acls.test
312 +++ new/testsuite/acls.test
315 $RSYNC --version | grep ", ACLs" >/dev/null || test_skipped "Rsync is configured without ACL support"
318 -*protocol=29*) test_skipped "ACLs require protocol 30" ;;
321 case "$setfacl_nodef" in
322 true) test_skipped "I don't know how to use your setfacl command" ;;
324 --- old/testsuite/default-acls.test
325 +++ new/testsuite/default-acls.test
328 $RSYNC --version | grep ", ACLs" >/dev/null || test_skipped "Rsync is configured without ACL support"
331 -*protocol=29*) test_skipped "ACLs require protocol 30" ;;
334 case "$setfacl_nodef" in
335 true) test_skipped "I don't know how to use your setfacl command" ;;
336 *-k*) opts='-dm u::7,g::5,o:5' ;;