After applying this patch, run these commands for a successful build:
autoconf
- automake
+ autoheader
./configure --with-acl-support
make proto
make
+The program currently complains when the --acls (-A) option is used to copy
+from a disk that doesn't support ACLs. This should be changed to silently
+notice that no ACLs are available to copy. Of course, trying to write out
+ACLs to a non-ACL-supporting disk should complain.
---- Makefile.in 15 May 2004 00:48:11 -0000 1.101
-+++ Makefile.in 6 Jun 2004 21:11:46 -0000
+--- orig/Makefile.in 2004-08-13 07:18:58
++++ Makefile.in 2004-07-03 20:11:58
@@ -25,7 +25,7 @@ VERSION=@VERSION@
.SUFFIXES:
.SUFFIXES: .c .o
OBJS3=progress.o pipe.o
DAEMON_OBJ = params.o loadparm.o clientserver.o access.o connection.o authenticate.o
popt_OBJS=popt/findme.o popt/popt.o popt/poptconfig.o \
---- /dev/null 1 Jan 1970 00:00:00 -0000
-+++ acls.c 6 Jun 2004 21:11:46 -0000
-@@ -0,0 +1,1119 @@
+--- orig/acls.c 2004-09-08 06:09:30
++++ acls.c 2004-09-08 06:09:30
+@@ -0,0 +1,1144 @@
+/* -*- c-file-style: "linux" -*-
+ Copyright (C) Andrew Tridgell 1996
+ Copyright (C) Paul Mackerras 1996
+
+#include "rsync.h"
+
-+#ifdef SUPPORT_ACLS
++#if SUPPORT_ACLS
+
+extern int preserve_acls;
+extern int am_root;
+ BOOL ok;
+ *curr_racl = rsync_acl_initializer;
+ if (!(sacl = sys_acl_get_file(fname, *type))) {
-+ rprintf(FERROR, "send_acl : sys_acl_get_file(%s, %s): %s\n",
++ rprintf(FERROR, "send_acl: sys_acl_get_file(%s, %s): %s\n",
+ fname, str_acl_type(*type), strerror(errno));
+ return False;
+ }
+{
+#if ACLS_NEED_MASK
+ uchar required_mask_perm = 0;
-+ BOOL saw_mask = False;
+#endif
++ BOOL saw_mask = False;
+ BOOL saw_user_obj = False, saw_group_obj = False,
+ saw_other = False;
+ size_t count = read_int(f);
+ break;
+ case 'm':
+ race->tag_type = SMB_ACL_MASK;
-+#if ACLS_NEED_MASK
+ saw_mask = True;
-+#endif
+ break;
+ default:
+ rprintf(FERROR, "receive_rsync_acl: unknown tag %c\n",
+ race->tag_type = SMB_ACL_MASK;
+ race->access = required_mask_perm;
+ }
++#else
++ /* If we, a system without ACLS_NEED_MASK, received data from a
++ * system that has masks, throw away the extraneous CLASS_OBJs. */
++ if (saw_mask && racl->count == 4) {
++ rsync_ace *group_obj_race = NULL, *mask_race = NULL;
++ rsync_ace *p;
++ size_t i;
++ for (i = 0, p = racl->races; i < racl->count; i++, p++) {
++ if (p->tag_type == SMB_ACL_MASK)
++ mask_race = p;
++ else if (p->tag_type == SMB_ACL_GROUP_OBJ)
++ group_obj_race = p;
++ }
++ if (mask_race == NULL || group_obj_race == NULL) {
++ rprintf(FERROR, "receive_rsync_acl: have four ACES "
++ "and one's ACL_MASK but missing "
++ "either it or ACL_GROUP_OBJ, "
++ "when pruning ACL\n");
++ } else {
++ /* mask off group perms with it first */
++ group_obj_race->access &= mask_race->access;
++ /* dump mask_race; re-slot any followers-on */
++ racl->count--;
++ if (mask_race != &racl->races[racl->count]) {
++ *mask_race = racl->races[racl->count];
++ saw_user_obj = False; /* force re-sort */
++ }
++ }
++ }
+#endif
+#if ACLS_NEED_MASK
+ if (!(saw_user_obj && saw_group_obj && saw_other && saw_mask))
+ SMB_ACL_T sacl_orig, sacl_bak;
+ rsync_acl racl_orig, racl_bak;
+ if (!(sacl_orig = sys_acl_get_file(orig, *type))) {
-+ rprintf(FERROR, "dup_acl : sys_acl_get_file(%s, %s): %s\n",
++ rprintf(FERROR, "dup_acl: sys_acl_get_file(%s, %s): %s\n",
+ orig, str_acl_type(*type), strerror(errno));
+ ret = -1;
+ continue;
+ }
+ if (!(sacl_bak = sys_acl_get_file(orig, *type))) {
-+ rprintf(FERROR, "dup_acl : sys_acl_get_file(%s, %s): %s. ignoring\n",
++ rprintf(FERROR, "dup_acl: sys_acl_get_file(%s, %s): %s. ignoring\n",
+ bak, str_acl_type(*type), strerror(errno));
+ ret = -1;
+ /* try to forge on through */
+ ret = -1;
+ }
+ } else if (-1 == sys_acl_set_file(bak, *type, sacl_bak)) {
-+ rprintf(FERROR, "dup_acl : sys_acl_set_file(%s, %s): %s\n",
++ rprintf(FERROR, "dup_acl: sys_acl_set_file(%s, %s): %s\n",
+ bak, str_acl_type(*type), strerror(errno));
+ ret = -1;
+ }
+ *sacl = NULL;
+ else {
+ if (!(*sacl = sys_acl_get_file(orig, *type))) {
-+ rprintf(FERROR, "push_keep_backup_acl : sys_acl_get_file(%s, %s): %s\n",
++ rprintf(FERROR, "push_keep_backup_acl: sys_acl_get_file(%s, %s): %s\n",
+ orig, str_acl_type(*type),
+ strerror(errno));
+ }
+ if (-1 == sys_acl_set_file(backup_dest_fname,
+ *type, *sacl))
+ {
-+ rprintf(FERROR, "push_keep_backup_acl : sys_acl_get_file(%s, %s): %s\n",
++ rprintf(FERROR, "push_keep_backup_acl: sys_acl_get_file(%s, %s): %s\n",
+ backup_dest_fname,
+ str_acl_type(*type),
+ strerror(errno));
+ set_acl_id(gid);
+}
+
-+
-+
+#endif /* SUPPORT_ACLS */
---- backup.c 15 May 2004 19:31:10 -0000 1.31
-+++ backup.c 6 Jun 2004 21:11:46 -0000
-@@ -105,6 +105,7 @@ static int make_bak_dir(char *fullpath)
+--- orig/backup.c 2004-09-20 19:50:13
++++ backup.c 2004-09-07 21:45:57
+@@ -119,6 +119,7 @@ static int make_bak_dir(char *fullpath)
} else {
do_lchown(fullpath, st.st_uid, st.st_gid);
do_chmod(fullpath, st.st_mode);
}
}
*p = '/';
-@@ -165,6 +166,8 @@ static int keep_backup(char *fname)
+@@ -176,6 +177,8 @@ static int keep_backup(char *fname)
+ if (!(buf = get_backup_name(fname)))
return 0;
- }
-+ PUSH_KEEP_BACKUP_ACL(file, fname, backup_dir_buf);
++ PUSH_KEEP_BACKUP_ACL(file, fname, buf);
+
#ifdef HAVE_MKNOD
/* Check to see if this is a device file, or link */
if (IS_DEVICE(file->mode)) {
-@@ -235,6 +238,7 @@ static int keep_backup(char *fname)
+@@ -251,6 +254,7 @@ static int keep_backup(char *fname)
}
}
- set_perms(backup_dir_buf, file, NULL, 0);
+ set_perms(buf, file, NULL, 0);
+ CLEANUP_KEEP_BACKUP_ACL();
free(file);
if (verbose > 1)
---- configure.in 30 Apr 2004 18:03:33 -0000 1.196
-+++ configure.in 6 Jun 2004 21:11:46 -0000
+--- orig/configure.in 2004-08-13 07:18:59
++++ configure.in 2004-08-19 19:53:27
@@ -434,6 +434,11 @@ if test x"$ac_cv_func_strcasecmp" = x"no
AC_CHECK_LIB(resolv, strcasecmp)
fi
dnl At the moment we don't test for a broken memcmp(), because all we
dnl need to do is test for equality, not comparison, and it seems that
dnl every platform has a memcmp that can do at least that.
-@@ -655,6 +660,74 @@ AC_SUBST(OBJ_RESTORE)
+@@ -656,6 +661,77 @@ AC_SUBST(OBJ_RESTORE)
AC_SUBST(CC_SHOBJ_FLAG)
AC_SUBST(BUILD_POPT)
+ LIBS="$LIBS -lpacl"
+ ;;
+ *)
++ AC_MSG_RESULT(ACLs requested -- running tests)
+ AC_CHECK_LIB(acl,acl_get_file)
+ AC_CACHE_CHECK([for ACL support],samba_cv_HAVE_POSIX_ACLS,[
+ AC_TRY_LINK([#include <sys/types.h>
+ if test x"$samba_cv_HAVE_POSIX_ACLS" = x"yes"; then
+ AC_MSG_RESULT(Using posix ACLs)
+ AC_DEFINE(HAVE_POSIX_ACLS, 1, [true if you have posix ACLs])
-+ AC_CACHE_CHECK([for acl_get_perm_np],samba_cv_HAVE_ACL_GET_PERM_NP,[
++ AC_CACHE_CHECK([for acl_get_perm_np],samba_cv_HAVE_ACL_GET_PERM_NP,[
+ AC_TRY_LINK([#include <sys/types.h>
+#include <sys/acl.h>],
+[ acl_permset_t permset_d; acl_perm_t perm; return acl_get_perm_np( permset_d, perm);],
+samba_cv_HAVE_ACL_GET_PERM_NP=yes,samba_cv_HAVE_ACL_GET_PERM_NP=no)])
-+ if test x"$samba_cv_HAVE_ACL_GET_PERM_NP" = x"yes"; then
-+ AC_DEFINE(HAVE_ACL_GET_PERM_NP, 1, [true if you have acl_get_perm_np])
-+ fi
++ if test x"$samba_cv_HAVE_ACL_GET_PERM_NP" = x"yes"; then
++ AC_DEFINE(HAVE_ACL_GET_PERM_NP, 1, [true if you have acl_get_perm_np])
++ fi
++ else
++ AC_MSG_ERROR(Failed to find ACL support)
+ fi
+ ;;
+ esac
AC_CONFIG_FILES([Makefile lib/dummy zlib/dummy popt/dummy shconfig])
AC_OUTPUT
---- flist.c 29 May 2004 21:21:17 -0000 1.226
-+++ flist.c 6 Jun 2004 21:11:47 -0000
-@@ -927,6 +927,8 @@ void send_file_name(int f, struct file_l
+--- orig/flist.c 2004-09-21 09:40:27
++++ flist.c 2004-07-03 20:11:58
+@@ -966,6 +966,8 @@ void send_file_name(int f, struct file_l
if (!file)
return;
maybe_emit_filelist_progress(flist);
-@@ -938,6 +940,10 @@ void send_file_name(int f, struct file_l
+@@ -974,6 +976,10 @@ void send_file_name(int f, struct file_l
if (file->basename[0]) {
flist->files[flist->count++] = file;
send_file_entry(file, f, base_flags);
}
if (recursive && S_ISDIR(file->mode)
-@@ -1255,6 +1261,8 @@ struct file_list *recv_file_list(int f)
+@@ -1291,6 +1297,8 @@ struct file_list *recv_file_list(int f)
flags |= read_byte(f) << 8;
receive_file_entry(&flist->files[i], flags, flist, f);
if (S_ISREG(flist->files[i]->mode))
stats.total_size += flist->files[i]->length;
-@@ -1277,6 +1285,8 @@ struct file_list *recv_file_list(int f)
+@@ -1313,6 +1321,8 @@ struct file_list *recv_file_list(int f)
clean_flist(flist, relative_paths, 1);
if (f != -1) {
/* Now send the uid/gid list. This was introduced in
* protocol version 15 */
---- generator.c 5 Jun 2004 16:16:30 -0000 1.86
-+++ generator.c 6 Jun 2004 21:11:47 -0000
-@@ -353,6 +353,10 @@ void recv_generator(char *fname, struct
+--- orig/generator.c 2004-09-20 19:50:13
++++ generator.c 2004-07-03 20:11:58
+@@ -338,6 +338,10 @@ static void recv_generator(char *fname,
if (set_perms(fname, file, statret ? NULL : &st, 0)
&& verbose && f_out != -1)
- rprintf(FINFO,"%s/\n",fname);
+ rprintf(FINFO, "%s/\n", safe_fname(fname));
+#if SUPPORT_ACLS
+ if (f_out == -1)
+ SET_ACL(fname, file);
return;
}
---- mkproto.awk 1 Jan 2004 21:10:50 -0000 1.6
-+++ mkproto.awk 6 Jun 2004 21:11:47 -0000
+--- orig/mkproto.awk 2004-01-01 21:10:50
++++ mkproto.awk 2004-06-30 00:04:06
@@ -58,7 +58,7 @@ BEGIN {
next;
}
next;
}
---- options.c 6 Jun 2004 19:02:40 -0000 1.155
-+++ options.c 6 Jun 2004 21:11:47 -0000
+--- orig/options.c 2004-09-20 05:10:48
++++ options.c 2004-08-19 17:38:57
@@ -43,6 +43,7 @@ int keep_dirlinks = 0;
int copy_links = 0;
int preserve_links = 0;
int preserve_perms = 0;
int preserve_devices = 0;
int preserve_uid = 0;
-@@ -150,6 +151,7 @@ static void print_rsync_version(enum log
- {
+@@ -152,6 +153,7 @@ static void print_rsync_version(enum log
char const *got_socketpair = "no ";
+ char const *have_inplace = "no ";
char const *hardlinks = "no ";
+ char const *acls = "no ";
char const *links = "no ";
char const *ipv6 = "no ";
STRUCT_STAT *dumstat;
-@@ -162,6 +164,10 @@ static void print_rsync_version(enum log
+@@ -168,6 +170,10 @@ static void print_rsync_version(enum log
hardlinks = "";
#endif
#if SUPPORT_LINKS
links = "";
#endif
-@@ -176,9 +182,9 @@ static void print_rsync_version(enum log
+@@ -182,9 +188,9 @@ static void print_rsync_version(enum log
"Copyright (C) 1996-2004 by Andrew Tridgell and others\n");
rprintf(f, "<http://rsync.samba.org/>\n");
rprintf(f, "Capabilities: %d-bit files, %ssocketpairs, "
- "%shard links, %ssymlinks, batchfiles, \n",
-+ "%shard links, %sacls, %ssymlinks, batchfiles, \n",
++ "%shard links, %sACLs, %ssymlinks, batchfiles, \n",
(int) (sizeof (OFF_T) * 8),
- got_socketpair, hardlinks, links);
+ got_socketpair, hardlinks, acls, links);
/* Note that this field may not have type ino_t. It depends
* on the complicated interaction between largefile feature
-@@ -241,6 +247,7 @@ void usage(enum logcode F)
+@@ -249,6 +255,7 @@ void usage(enum logcode F)
rprintf(F," --safe-links ignore \"unsafe\" symlinks\n");
rprintf(F," -H, --hard-links preserve hard links\n");
rprintf(F," -p, --perms preserve permissions\n");
rprintf(F," -o, --owner preserve owner (root only)\n");
rprintf(F," -g, --group preserve group\n");
rprintf(F," -D, --devices preserve devices (root only)\n");
-@@ -386,6 +393,7 @@ static struct poptOption long_options[]
- {"address", 0, POPT_ARG_STRING, &bind_address, 0, 0, 0 },
- {"backup-dir", 0, POPT_ARG_STRING, &backup_dir, 0, 0, 0 },
- {"hard-links", 'H', POPT_ARG_NONE, &preserve_hard_links, 0, 0, 0 },
-+ {"acls", 'A', POPT_ARG_NONE, &preserve_acls, 0, 0, 0 },
- {"read-batch", 0, POPT_ARG_STRING, &batch_prefix, OPT_READ_BATCH, 0, 0 },
- {"write-batch", 0, POPT_ARG_STRING, &batch_prefix, OPT_WRITE_BATCH, 0, 0 },
- {"files-from", 0, POPT_ARG_STRING, &files_from, 0, 0, 0 },
-@@ -601,6 +609,31 @@ int parse_arguments(int *argc, const cha
+@@ -358,6 +365,7 @@ static struct poptOption long_options[]
+ {"no-whole-file", 0, POPT_ARG_VAL, &whole_file, 0, 0, 0 },
+ {"copy-unsafe-links", 0, POPT_ARG_NONE, ©_unsafe_links, 0, 0, 0 },
+ {"perms", 'p', POPT_ARG_NONE, &preserve_perms, 0, 0, 0 },
++ {"acls", 'A', POPT_ARG_NONE, 0, 'A', 0, 0 },
+ {"owner", 'o', POPT_ARG_NONE, &preserve_uid, 0, 0, 0 },
+ {"group", 'g', POPT_ARG_NONE, &preserve_gid, 0, 0, 0 },
+ {"devices", 'D', POPT_ARG_NONE, &preserve_devices, 0, 0, 0 },
+@@ -616,6 +624,24 @@ int parse_arguments(int *argc, const cha
return 0;
#endif
+ * restrict group and other access in the presence
+ * of any more restrictive ACLs, but this is safe
+ * for now */
-+ /* FIXME: Don't say "server" if this is
-+ * happening on the client. */
-+ /* FIXME: Why do we have the duplicated
-+ * rprintf? Everybody who gets this message
-+ * ought to send it to the client and also to
-+ * the logs. */
+ snprintf(err_buf,sizeof(err_buf),
+ "ACLs are not supported on this %s\n",
+ am_server ? "server" : "client");
-+ rprintf(FERROR,"ERROR: ACLs not supported on this platform\n");
+ return 0;
+#endif /* SUPPORT_ACLS */
+ break;
default:
/* A large opt value means that set_refuse_options()
* turned this option off (opt-BASE is its index). */
-@@ -838,6 +871,8 @@ void server_options(char **args,int *arg
+@@ -938,6 +964,8 @@ void server_options(char **args,int *arg
if (preserve_hard_links)
argstr[x++] = 'H';
if (preserve_uid)
argstr[x++] = 'o';
if (preserve_gid)
---- rsync.c 21 May 2004 08:43:03 -0000 1.140
-+++ rsync.c 6 Jun 2004 21:11:47 -0000
-@@ -204,6 +204,14 @@ int set_perms(char *fname,struct file_st
+--- orig/rsync.c 2004-09-07 21:45:30
++++ rsync.c 2004-07-03 20:11:58
+@@ -207,6 +207,14 @@ int set_perms(char *fname,struct file_st
}
#endif
if (verbose > 1 && flags & PERMS_REPORT) {
if (updated)
rprintf(FINFO,"%s\n",fname);
---- rsync.h 16 May 2004 07:28:24 -0000 1.204
-+++ rsync.h 6 Jun 2004 21:11:47 -0000
-@@ -538,6 +538,40 @@ static inline int flist_up(struct file_l
+--- orig/rsync.h 2004-08-03 15:41:32
++++ rsync.h 2004-07-03 20:11:58
+@@ -541,6 +541,40 @@ static inline int flist_up(struct file_l
#include "lib/permstring.h"
#include "lib/addrinfo.h"
#include "proto.h"
/* We have replacement versions of these if they're missing. */
---- rsync.yo 5 Jun 2004 16:16:30 -0000 1.171
-+++ rsync.yo 6 Jun 2004 21:11:48 -0000
-@@ -296,6 +296,7 @@ verb(
+--- orig/rsync.yo 2004-09-20 05:10:48
++++ rsync.yo 2004-07-03 20:11:58
+@@ -326,6 +326,7 @@ verb(
--safe-links ignore "unsafe" symlinks
-H, --hard-links preserve hard links
-p, --perms preserve permissions
-o, --owner preserve owner (root only)
-g, --group preserve group
-D, --devices preserve devices (root only)
-@@ -527,6 +528,11 @@ source file's permissions and the umask
+@@ -578,6 +579,11 @@ source file's permissions and the umask
other files (including updated files) retain their existing permissions
(which is the same behavior as other file-copy utilities, such as cp).
dit(bf(-o, --owner)) This option causes rsync to set the owner of the
destination file to be the same as the source file. On most systems,
only the super-user can set file ownership. By default, the preservation
---- /dev/null 1 Jan 1970 00:00:00 -0000
-+++ smb_acls.h 6 Jun 2004 21:11:48 -0000
+--- orig/smb_acls.h 2004-06-30 00:04:07
++++ smb_acls.h 2004-06-30 00:04:07
@@ -0,0 +1,277 @@
+/*
+ Unix SMB/Netbios implementation.
+
+#endif /* No ACLs. */
+#endif /* _SMB_ACLS_H */
---- /dev/null 1 Jan 1970 00:00:00 -0000
-+++ sysacls.c 6 Jun 2004 21:11:49 -0000
+--- orig/sysacls.c 2004-08-19 17:38:21
++++ sysacls.c 2004-08-19 17:38:21
@@ -0,0 +1,3117 @@
+/*
+ Unix SMB/Netbios implementation.
+}
+
+#endif /* No ACLs. */
---- uidlist.c 28 Apr 2004 17:31:31 -0000 1.24
-+++ uidlist.c 6 Jun 2004 21:11:49 -0000
+--- orig/uidlist.c 2004-04-29 19:37:25
++++ uidlist.c 2004-07-03 20:11:58
@@ -34,6 +34,7 @@
extern int verbose;
extern int preserve_uid;