attribute value instead of as real file-system attributes. The items
affected are:
- mode the real mode of a file is always (666 & umask) while
- the real mode of a directory is always (777 & umask).
+ mode the real mode of the file always has the special-permission bits
+ cleared (u-s,g-s,o-t) and full owner access is always enabled
+ (u+rw for files and u+rwx for directories). The former makes
+ the files safe if the user and/or group info was not really
+ preserved, and the latter ensures that our fake-super process
+ can always read & write & scan the files and directories.
- rdev devices and special files are created as zero-length
- normal files.
+ rdev devices and special files are created as zero-length normal
+ files (with all the attributes preserved in the xattr-stat).
- uid the real owner is always left unchanged.
+ uid the real owner will be the executor of the receiving rsync.
- gid the real group is always left unchanged.
-
-A daemon can set "fake super = yes" in the rsync.conf file for any module
-that you'd like to run without root perms while pretending it has them (the
-client cannot affect this).
+ gid the real group will be the default group of the executor.
The --fake-super option only affects the side where the option is used. To
affect the remote side of a remote-shell connection, specify an rsync path:
rsync -av --rsync-path='rsync --fake-super' /src/ host:/dest/
-For a local copy where you want to affect only one side or the other,
-you'll need to turn the copy into a remote copy to localhost.
+The --fake-super option affects both sides of a local copy, so if you want
+to affect only one side or the other, you'll need to turn the copy into a
+remote copy to/from localhost. However, it's always safe to copy from some
+non-fake-super files into some fake-super files using a normal local copy
+since the non-fake source files will just have their normal attributes.
+
+A daemon can set "fake super = yes" in the rsync.conf file for any module
+that you'd like to be able to preserve all attributes without having it
+run as root (the client cannot affect this setting on the daemon).
After applying this patch, run these commands for a successful build:
./prepare-source
- ./configure
+ ./configure --enable-xattr-support
make
---- old/Makefile.in
-+++ new/Makefile.in
-@@ -41,7 +41,7 @@ popt_OBJS=popt/findme.o popt/popt.o po
- popt/popthelp.o popt/poptparse.o
- OBJS=$(OBJS1) $(OBJS2) $(OBJS3) $(DAEMON_OBJ) $(LIBOBJ) $(ZLIBOBJ) @BUILD_POPT@
-
--TLS_OBJ = tls.o syscall.o lib/compat.o lib/snprintf.o lib/permstring.o
-+TLS_OBJ = tls.o syscall.o lib/compat.o lib/snprintf.o lib/permstring.o lib/sysxattr.o
-
- # Programs we must have to run the test cases
- CHECK_PROGS = rsync$(EXEEXT) tls$(EXEEXT) getgroups$(EXEEXT) getfsdev$(EXEEXT) \
-@@ -83,11 +83,11 @@ getgroups$(EXEEXT): getgroups.o
- getfsdev$(EXEEXT): getfsdev.o
- $(CC) $(CFLAGS) $(LDFLAGS) -o $@ getfsdev.o $(LIBS)
-
--TRIMSLASH_OBJ = trimslash.o syscall.o lib/compat.o lib/snprintf.o
-+TRIMSLASH_OBJ = trimslash.o syscall.o lib/compat.o lib/snprintf.o lib/sysxattr.o
- trimslash$(EXEEXT): $(TRIMSLASH_OBJ)
- $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(TRIMSLASH_OBJ) $(LIBS)
-
--T_UNSAFE_OBJ = t_unsafe.o syscall.o util.o t_stub.o lib/compat.o lib/snprintf.o
-+T_UNSAFE_OBJ = t_unsafe.o syscall.o util.o t_stub.o lib/compat.o lib/snprintf.o lib/sysxattr.o
- t_unsafe$(EXEEXT): $(T_UNSAFE_OBJ)
- $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(T_UNSAFE_OBJ) $(LIBS)
+or, if you want ACL support too:
+
+ ./prepare-source
+ ./configure --enable-acl-support --enable-xattr-support
+ make
+
+TODO:
+
+ - We may want to normalize the mode somehow, so that the value in the
+ xattr field is more portable. E.g. separate the type from the mode
+ value and reconstruct it.
+
+--- old/backup.c
++++ new/backup.c
+@@ -129,7 +129,7 @@ static int make_bak_dir(char *fullpath)
+ if (p >= rel) {
+ /* Try to transfer the directory settings of the
+ * actual dir that the files are coming from. */
+- if (do_stat(rel, &sx.st) < 0) {
++ if (x_stat(rel, &sx.st, NULL) < 0) {
+ rsyserr(FERROR, errno,
+ "make_bak_dir stat %s failed",
+ full_fname(rel));
+@@ -200,7 +200,7 @@ static int keep_backup(char *fname)
+ int ret_code;
+ /* return if no file to keep */
+- if (do_lstat(fname, &sx.st) < 0)
++ if (x_lstat(fname, &sx.st, NULL) < 0)
+ return 1;
+ #ifdef SUPPORT_ACLS
+ sx.acc_acl = sx.def_acl = NULL;
--- old/clientserver.c
+++ new/clientserver.c
@@ -625,6 +625,11 @@ static int rsync_module(int f_in, int f_
if (filesfrom_fd == 0)
filesfrom_fd = f_in;
+--- old/flist.c
++++ new/flist.c
+@@ -181,7 +181,7 @@ static int readlink_stat(const char *pat
+ }
+ return 0;
+ #else
+- return do_stat(path, stp);
++ return x_stat(path, stp, NULL);
+ #endif
+ }
+
+@@ -189,17 +189,17 @@ int link_stat(const char *path, STRUCT_S
+ {
+ #ifdef SUPPORT_LINKS
+ if (copy_links)
+- return do_stat(path, stp);
+- if (do_lstat(path, stp) < 0)
++ return x_stat(path, stp, NULL);
++ if (x_lstat(path, stp, NULL) < 0)
+ return -1;
+ if (follow_dirlinks && S_ISLNK(stp->st_mode)) {
+ STRUCT_STAT st;
+- if (do_stat(path, &st) == 0 && S_ISDIR(st.st_mode))
++ if (x_stat(path, &st, NULL) == 0 && S_ISDIR(st.st_mode))
+ *stp = st;
+ }
+ return 0;
+ #else
+- return do_stat(path, stp);
++ return x_stat(path, stp, NULL);
+ #endif
+ }
+
+@@ -234,26 +234,6 @@ static int is_excluded(char *fname, int
+ return 0;
+ }
+
+-static int to_wire_mode(mode_t mode)
+-{
+-#ifdef SUPPORT_LINKS
+-#if _S_IFLNK != 0120000
+- if (S_ISLNK(mode))
+- return (mode & ~(_S_IFMT)) | 0120000;
+-#endif
+-#endif
+- return mode;
+-}
+-
+-static mode_t from_wire_mode(int mode)
+-{
+-#if _S_IFLNK != 0120000
+- if ((mode & (_S_IFMT)) == 0120000)
+- return (mode & ~(_S_IFMT)) | _S_IFLNK;
+-#endif
+- return mode;
+-}
+-
+ static void send_directory(int f, struct file_list *flist,
+ char *fbuf, int len);
+
+@@ -793,7 +773,7 @@ struct file_struct *make_file(char *fnam
+ if (save_errno == ENOENT) {
+ #ifdef SUPPORT_LINKS
+ /* Avoid "vanished" error if symlink points nowhere. */
+- if (copy_links && do_lstat(thisname, &st) == 0
++ if (copy_links && x_lstat(thisname, &st, NULL) == 0
+ && S_ISLNK(st.st_mode)) {
+ io_error |= IOERR_GENERAL;
+ rprintf(FERROR, "symlink has no referent: %s\n",
+@@ -963,7 +943,7 @@ struct file_struct *make_file(char *fnam
+ int save_mode = file->mode;
+ file->mode = S_IFDIR; /* Find a directory with our name. */
+ if (flist_find(the_file_list, file) >= 0
+- && do_stat(thisname, &st2) == 0 && S_ISDIR(st2.st_mode)) {
++ && x_stat(thisname, &st2, NULL) == 0 && S_ISDIR(st2.st_mode)) {
+ file->modtime = st2.st_mtime;
+ file->length = st2.st_size;
+ file->mode = st2.st_mode;
--- old/generator.c
+++ new/generator.c
@@ -1510,13 +1510,14 @@ void generate_files(int f_out, struct fi
rprintf(F," -t, --times preserve times\n");
rprintf(F," -O, --omit-dir-times omit directories when preserving times\n");
rprintf(F," --super receiver attempts super-user activities\n");
-+ rprintf(F," --fake-super fake root by storing/reading ownership/etc in EAs\n");
++ rprintf(F," --fake-super store/recover privileged attrs using xattrs\n");
rprintf(F," -S, --sparse handle sparse files efficiently\n");
rprintf(F," -n, --dry-run show what would have been transferred\n");
rprintf(F," -W, --whole-file copy files whole (without rsync algorithm)\n");
{"owner", 'o', POPT_ARG_VAL, &preserve_uid, 1, 0, 0 },
{"no-owner", 0, POPT_ARG_VAL, &preserve_uid, 0, 0, 0 },
{"no-o", 0, POPT_ARG_VAL, &preserve_uid, 0, 0, 0 },
+--- old/receiver.c
++++ new/receiver.c
+@@ -528,7 +528,7 @@ int recv_files(int f_in, struct file_lis
+ if (fd1 == -1) {
+ st.st_mode = 0;
+ st.st_size = 0;
+- } else if (do_fstat(fd1,&st) != 0) {
++ } else if (x_fstat(fd1, &st, NULL) != 0) {
+ rsyserr(FERROR, errno, "fstat %s failed",
+ full_fname(fnamecmp));
+ discard_receive_data(f_in, file->length);
--- old/rsync.c
+++ new/rsync.c
-@@ -197,6 +197,12 @@ int set_file_attrs(char *fname, struct f
+@@ -49,7 +49,6 @@ extern int preserve_gid;
+ extern int inplace;
+ extern int keep_dirlinks;
+ extern int make_backups;
+-extern mode_t orig_umask;
+ extern struct stats stats;
+ extern struct chmod_mode_struct *daemon_chmod_modes;
+
+@@ -197,7 +196,9 @@ int set_file_attrs(char *fname, struct f
(long)sxp->st.st_gid, (long)file->gid);
}
}
-+ if (am_root < 0) {
-+ if (change_uid)
-+ sxp->st.st_uid = file->uid;
-+ if (change_gid)
-+ sxp->st.st_gid = file->gid;
-+ } else
- if (do_lchown(fname,
+- if (do_lchown(fname,
++ if (am_root < 0)
++ ;
++ else if (do_lchown(fname,
change_uid ? file->uid : sxp->st.st_uid,
change_gid ? file->gid : sxp->st.st_gid) != 0) {
-@@ -206,7 +212,7 @@ int set_file_attrs(char *fname, struct f
+ /* shouldn't have attempted to change uid or gid
+@@ -206,7 +207,7 @@ int set_file_attrs(char *fname, struct f
change_uid ? "chown" : "chgrp",
full_fname(fname));
goto cleanup;
/* a lchown had been done - we have to re-stat if the
* destination had the setuid or setgid bits set due
* to the side effect of the chown call */
-@@ -237,7 +243,16 @@ int set_file_attrs(char *fname, struct f
+@@ -223,6 +224,8 @@ int set_file_attrs(char *fname, struct f
+ #ifdef SUPPORT_XATTRS
+ if (preserve_xattrs && set_xattr(fname, file, sxp) == 0)
+ updated = 1;
++ if (am_root < 0)
++ set_stat_xattr(fname, file);
+ #endif
+ #ifdef SUPPORT_ACLS
+ /* It's OK to call set_acl() now, even for a dir, as the generator
+@@ -237,7 +240,7 @@ int set_file_attrs(char *fname, struct f
#ifdef HAVE_CHMOD
if ((sxp->st.st_mode & CHMOD_BITS) != (new_mode & CHMOD_BITS)) {
- int ret = do_chmod(fname, new_mode);
-+ int ret;
-+ if (am_root < 0) {
-+ mode_t mode = 0666 & ~orig_umask;
-+ if ((sxp->st.st_mode & CHMOD_BITS) != mode)
-+ ret = do_chmod(fname, mode);
-+ else
-+ ret = 0;
-+ sxp->st.st_mode = new_mode;
-+ } else
-+ ret = do_chmod(fname, new_mode);
++ int ret = am_root < 0 ? 0 : do_chmod(fname, new_mode);
if (ret < 0) {
rsyserr(FERROR, errno,
"failed to set permissions on %s",
-@@ -249,6 +264,22 @@ int set_file_attrs(char *fname, struct f
- }
- #endif
-
-+ if (am_root < 0) {
-+ int write_it = updated;
-+ if (IS_DEVICE(file->mode) || IS_SPECIAL(file->mode)) {
-+ if (file->u.rdev != sxp->st.st_rdev) {
-+ sxp->st.st_rdev = file->u.rdev;
-+ write_it = 1;
-+ }
-+ } else
-+ sxp->st.st_rdev = 0;
-+ if (write_it && set_stat_xattr(fname, &sxp->st) < 0) {
-+ rsyserr(FERROR, errno,
-+ "write of stat xattr failed for %s",
-+ full_fname(fname));
-+ }
-+ }
-+
- if (verbose > 1 && flags & ATTRS_REPORT) {
- if (updated)
- rprintf(FCLIENT, "%s\n", fname);
--- old/rsync.h
+++ new/rsync.h
-@@ -35,6 +35,8 @@
+@@ -708,6 +708,12 @@ typedef struct {
- #define BACKUP_SUFFIX "~"
+ #include "proto.h"
-+#define FAKE_XATTR "user.rsync%stat"
++#ifndef SUPPORT_XATTRS
++#define x_stat(fn,fst,xst) do_stat(fn,fst)
++#define x_lstat(fn,fst,xst) do_lstat(fn,fst)
++#define x_fstat(fd,fst,xst) do_fstat(fd,fst)
++#endif
+
- /* a non-zero CHAR_OFFSET makes the rolling sum stronger, but is
- incompatible with older versions :-( */
- #define CHAR_OFFSET 0
---- old/syscall.c
-+++ new/syscall.c
-@@ -22,12 +22,14 @@
- */
+ /* We have replacement versions of these if they're missing. */
+ #ifndef HAVE_ASPRINTF
+ int asprintf(char **ptr, const char *format, ...);
+@@ -925,3 +931,23 @@ int inet_pton(int af, const char *src, v
+ #ifdef MAINTAINER_MODE
+ const char *get_panic_action(void);
+ #endif
++
++static inline int to_wire_mode(mode_t mode)
++{
++#ifdef SUPPORT_LINKS
++#if _S_IFLNK != 0120000
++ if (S_ISLNK(mode))
++ return (mode & ~(_S_IFMT)) | 0120000;
++#endif
++#endif
++ return mode;
++}
++
++static inline mode_t from_wire_mode(int mode)
++{
++#if _S_IFLNK != 0120000
++ if ((mode & (_S_IFMT)) == 0120000)
++ return (mode & ~(_S_IFMT)) | _S_IFLNK;
++#endif
++ return mode;
++}
+--- old/rsync.yo
++++ new/rsync.yo
+@@ -333,6 +333,7 @@ to the detailed description below for a
+ -t, --times preserve times
+ -O, --omit-dir-times omit directories when preserving times
+ --super receiver attempts super-user activities
++ --fake-super store/recover privileged attrs using xattrs
+ -S, --sparse handle sparse files efficiently
+ -n, --dry-run show what would have been transferred
+ -W, --whole-file copy files whole (without rsync algorithm)
+@@ -899,6 +900,31 @@ also for ensuring that you will get erro
+ being running as the super-user. To turn off super-user activities, the
+ super-user can use bf(--no-super).
- #include "rsync.h"
-+#include "lib/sysxattr.h"
++dit(bf(--fake-super)) When this option is enabled, privileged attributes
++are stored and recovered via a special extended attribute that is attached
++to each file (as needed). This includes the file's owner and group (if it
++is not the default), the file's device info (device & special files are
++created as empty text files), and any permission bits that we won't allow
++to be set on the real file (e.g. the real file gets u-s,g-s,o-t for safety)
++or that would limit the owner's access (since the real super user can
++always access a file or directory, the files we create can always be
++accessed by the creating user too).
++
++The bf(--fake-super) option only affects the side where the option is used.
++To affect the remote side of a remote-shell connection, specify an rsync
++path:
++
++quote(tt( rsync -av --rsync-path="rsync --fake-super" /src/ host:/dest/))
++
++The bf(--fake-super) option affects both sides of a em(local) copy, so if
++you want to affect only one side or the other, you'll need to turn the copy
++into a remote copy to/from localhost. However, it's always safe to copy
++from some non-fake-super files into some fake-super files using a normal
++local copy since the non-fake source files will just have their normal
++attributes.
++
++See also the "fake super" setting in the daemon's rsyncd.conf file.
++
+ dit(bf(-S, --sparse)) Try to handle sparse files efficiently so they take
+ up less space on the destination. Conflicts with bf(--inplace) because it's
+ not possible to overwrite data in a sparse fashion.
+--- old/rsyncd.conf.yo
++++ new/rsyncd.conf.yo
+@@ -226,6 +226,11 @@ file transfers to and from that module s
+ was run as root. This complements the "uid" option. The default is gid -2,
+ which is normally the group "nobody".
- #if !defined MKNOD_CREATES_SOCKETS && defined HAVE_SYS_UN_H
- #include <sys/un.h>
++dit(bf(fake super)) Setting "fake super = yes" for a module causes the
++daemon side to behave as if the bf(--fake-user) command-line option had
++been specified. This allows the full attributes of a file to be stored
++without having to have the daemon actually running as root.
++
+ dit(bf(filter)) The "filter" option allows you to specify a space-separated
+ list of filter rules that the daemon will not allow to be read or written.
+ This is only superficially equivalent to the client specifying these
+--- old/syscall.c
++++ new/syscall.c
+@@ -28,6 +28,7 @@
#endif
extern int dry_run;
extern int read_only;
extern int list_only;
extern int preserve_perms;
-@@ -79,6 +81,15 @@ int do_mknod(char *pathname, mode_t mode
+@@ -79,6 +80,15 @@ int do_mknod(char *pathname, mode_t mode
{
if (dry_run) return 0;
RETURN_ERROR_IF_RO_OR_LO;
#if !defined MKNOD_CREATES_FIFOS && defined HAVE_MKFIFO
if (S_ISFIFO(mode))
return mkfifo(pathname, mode);
-@@ -215,23 +226,71 @@ int do_mkstemp(char *template, mode_t pe
- #endif
- }
-
-+int get_stat_xattr(const char *fname, STRUCT_STAT *st)
-+{
-+ int mode, rdev_major, rdev_minor, uid, gid, len;
-+ char buf[256];
-+
-+ len = sys_lgetxattr(fname, FAKE_XATTR, buf, sizeof buf - 1);
-+ if (len < 0 || len >= (int)sizeof buf) {
-+ if (errno == ENOTSUP || errno == ENOATTR)
-+ return 0;
-+ return -1;
-+ }
-+ buf[len] = '\0';
-+
-+ if (sscanf(buf, "%o %d,%d %d:%d",
-+ &mode, &rdev_major, &rdev_minor, &uid, &gid) != 4) {
-+ errno = EINVAL;
-+ return -1;
-+ }
-+
-+ st->st_mode = mode;
-+ st->st_rdev = MAKEDEV(rdev_major, rdev_minor);
-+ st->st_uid = uid;
-+ st->st_gid = gid;
-+
-+ return 0;
-+}
-+
-+int set_stat_xattr(const char *fname, STRUCT_STAT *st)
-+{
-+ char buf[256];
-+ int len;
-+ if (dry_run) return 0;
-+ RETURN_ERROR_IF_RO_OR_LO;
-+ len = snprintf(buf, sizeof buf, "%o %u,%u %u:%u",
-+ (int)st->st_mode,
-+ (int)major(st->st_rdev), (int)minor(st->st_rdev),
-+ (int)st->st_uid, (int)st->st_gid);
-+ return sys_lsetxattr(fname, FAKE_XATTR, buf, len, 0);
-+}
-+
- int do_stat(const char *fname, STRUCT_STAT *st)
- {
-+ int ret;
- #ifdef USE_STAT64_FUNCS
-- return stat64(fname, st);
-+ ret = stat64(fname, st);
- #else
-- return stat(fname, st);
-+ ret = stat(fname, st);
- #endif
-+ if (am_root < 0 && ret == 0)
-+ get_stat_xattr(fname, st);
-+ return ret;
- }
-
- int do_lstat(const char *fname, STRUCT_STAT *st)
- {
- #ifdef SUPPORT_LINKS
-+ int ret;
- # ifdef USE_STAT64_FUNCS
-- return lstat64(fname, st);
-+ ret = lstat64(fname, st);
- # else
-- return lstat(fname, st);
-+ ret = lstat(fname, st);
- # endif
-+ if (am_root < 0 && ret == 0)
-+ get_stat_xattr(fname, st);
-+ return ret;
- #else
- return do_stat(fname, st);
- #endif
--- old/t_unsafe.c
+++ new/t_unsafe.c
@@ -24,7 +24,11 @@
int preserve_perms = 0;
--- old/xattr.c
+++ new/xattr.c
-@@ -26,6 +26,7 @@
- #ifdef SUPPORT_XATTRS
-
+@@ -28,11 +28,15 @@
extern int dry_run;
+ extern int read_only;
+ extern int list_only;
+extern int am_root;
++extern mode_t orig_umask;
extern unsigned int file_struct_len;
#define RSYNC_XAL_INITIAL 5
-@@ -130,9 +131,15 @@ static int rsync_xal_get(const char *fna
+ #define RSYNC_XAL_LIST_INITIAL 100
+
++#define FAKE_XATTR "user.rsync%stat"
++
+ typedef struct {
+ char *name;
+ char *datum;
+@@ -132,9 +136,15 @@ static int rsync_xal_get(const char *fna
if (name_size == 0)
return 0;
for (left = name_size, name = namebuf; left > 0 ; left -= len, name += len) {
datum_size = sys_lgetxattr(fname, name, NULL, 0);
if (datum_size < 0) {
if (errno == ENOTSUP)
-@@ -285,10 +292,19 @@ void receive_xattr(struct file_struct *f
+@@ -287,10 +297,19 @@ void receive_xattr(struct file_struct *f
out_of_memory("receive_xattr");
read_buf(f, ptr, name_len);
read_buf(f, ptr + name_len, datum_len);
rxa->datum = ptr + name_len;
+
#ifdef HAVE_OSX_XATTRS
- if (strncmp(rxa->name, unique_prefix, upre_len) == 0) {
- rxa->name_len -= upre_len;
+ if (strncmp(rxa->name, UNIQUE_PREFIX, UPRE_LEN) == 0) {
+ rxa->name_len -= UPRE_LEN;
+@@ -372,4 +391,146 @@ int set_xattr(const char *fname, const s
+ return rsync_xal_set(fname, lst + ndx); /* TODO: This needs to return 1 if no xattrs changed! */
+ }
+
++int get_stat_xattr(const char *fname, int fd, STRUCT_STAT *fst, STRUCT_STAT *xst)
++{
++ int mode, rdev_major, rdev_minor, uid, gid, len;
++ char buf[256];
++
++ if (am_root >= 0)
++ return -1;
++
++ if (xst)
++ *xst = *fst;
++ else
++ xst = fst;
++ if (fname) {
++ fd = -1;
++ len = sys_lgetxattr(fname, FAKE_XATTR, buf, sizeof buf - 1);
++ } else {
++ fname = "fd";
++ len = sys_fgetxattr(fd, FAKE_XATTR, buf, sizeof buf - 1);
++ }
++ if (len >= (int)sizeof buf) {
++ len = -1;
++ errno = ERANGE;
++ }
++ if (len < 0) {
++ if (errno == ENOTSUP || errno == ENOATTR)
++ return -1;
++ if (errno == EPERM && S_ISLNK(fst->st_mode)) {
++ xst->st_uid = 0;
++ xst->st_gid = 0;
++ return 0;
++ }
++ rsyserr(FERROR, errno, "failed to read xattr %s for %s",
++ FAKE_XATTR, full_fname(fname));
++ return -1;
++ }
++ buf[len] = '\0';
++
++ if (sscanf(buf, "%o %d,%d %d:%d",
++ &mode, &rdev_major, &rdev_minor, &uid, &gid) != 5) {
++ rprintf(FERROR, "Corrupt %s xattr attached to %s: \"%s\"\n",
++ FAKE_XATTR, full_fname(fname), buf);
++ exit_cleanup(RERR_FILEIO);
++ }
++
++ xst->st_mode = from_wire_mode(mode);
++ xst->st_rdev = MAKEDEV(rdev_major, rdev_minor);
++ xst->st_uid = uid;
++ xst->st_gid = gid;
++
++ return 0;
++}
++
++int set_stat_xattr(const char *fname, struct file_struct *file)
++{
++ STRUCT_STAT fst, xst;
++ dev_t rdev;
++ mode_t mode;
++
++ if (dry_run)
++ return 0;
++
++ if (read_only || list_only) {
++ rsyserr(FERROR, EROFS, "failed to write xattr %s for %s",
++ FAKE_XATTR, full_fname(fname));
++ return -1;
++ }
++
++ if (x_lstat(fname, &fst, &xst) < 0) {
++ rsyserr(FERROR, errno, "failed to re-stat %s",
++ full_fname(fname));
++ return -1;
++ }
++
++ if (IS_DEVICE(file->mode) || IS_SPECIAL(file->mode))
++ rdev = file->u.rdev;
++ else
++ rdev = 0;
++
++ /* Dump the special permissions and enable full owner access. */
++ mode = (fst.st_mode & ~CHMOD_BITS) | (file->mode & ACCESSPERMS)
++ | (S_ISDIR(fst.st_mode) ? 0700 : 0600);
++ if (fst.st_mode != mode)
++ do_chmod(fname, mode);
++ if (!IS_DEVICE(fst.st_mode) && !IS_SPECIAL(fst.st_mode))
++ fst.st_rdev = 0; /* just in case */
++
++ if (mode == file->mode && fst.st_rdev == rdev
++ && fst.st_uid == file->uid && fst.st_gid == file->gid) {
++ /* xst.st_mode will be 0 if there's no current stat xattr */
++ if (xst.st_mode && sys_lremovexattr(fname, FAKE_XATTR) < 0) {
++ rsyserr(FERROR, errno,
++ "delete of stat xattr failed for %s",
++ full_fname(fname));
++ return -1;
++ }
++ return 0;
++ }
++
++ if (xst.st_mode != file->mode || xst.st_rdev != rdev
++ || xst.st_uid != file->uid || xst.st_gid != file->gid) {
++ char buf[256];
++ int len = snprintf(buf, sizeof buf, "%o %u,%u %u:%u",
++ to_wire_mode(file->mode),
++ (int)major(rdev), (int)minor(rdev),
++ (int)file->uid, (int)file->gid);
++ if (sys_lsetxattr(fname, FAKE_XATTR, buf, len, 0) < 0) {
++ if (errno == EPERM && S_ISLNK(fst.st_mode))
++ return 0;
++ rsyserr(FERROR, errno,
++ "failed to write xattr %s for %s",
++ FAKE_XATTR, full_fname(fname));
++ return -1;
++ }
++ }
++
++ return 0;
++}
++
++int x_stat(const char *fname, STRUCT_STAT *fst, STRUCT_STAT *xst)
++{
++ int ret = do_stat(fname, fst);
++ if ((ret < 0 || get_stat_xattr(fname, -1, fst, xst) < 0) && xst)
++ xst->st_mode = 0;
++ return ret;
++}
++
++int x_lstat(const char *fname, STRUCT_STAT *fst, STRUCT_STAT *xst)
++{
++ int ret = do_lstat(fname, fst);
++ if ((ret < 0 || get_stat_xattr(fname, -1, fst, xst) < 0) && xst)
++ xst->st_mode = 0;
++ return ret;
++}
++
++int x_fstat(int fd, STRUCT_STAT *fst, STRUCT_STAT *xst)
++{
++ int ret = do_fstat(fd, fst);
++ if ((ret < 0 || get_stat_xattr(NULL, fd, fst, xst) < 0) && xst)
++ xst->st_mode = 0;
++ return ret;
++}
++
+ #endif /* SUPPORT_XATTRS */