X-Git-Url: https://mattmccutchen.net/rsync/rsync-patches.git/blobdiff_plain/63bb92e3343c5d762dec2ff150bb3e5e165d05db..5214a41bbae94607b196b199b483710e1babf292:/fileflags.diff diff --git a/fileflags.diff b/fileflags.diff index cbe6989..5668f56 100644 --- a/fileflags.diff +++ b/fileflags.diff @@ -3,15 +3,41 @@ Modified from a patch that was written by Rolf Grossmann. To use this patch, run these commands for a successful build: - patch -p1 basename, remainder); ++#ifdef SUPPORT_FORCE_CHANGE ++ if (force_change) ++ make_mutable(fname, fp->mode, F_FFLAGS(fp), force_change); ++#endif + if (!(fp->mode & S_IWUSR) && !am_root && (uid_t)F_OWNER(fp) == our_uid) +- do_chmod(fname, fp->mode | S_IWUSR); ++ do_chmod(fname, fp->mode | S_IWUSR, NO_FFLAGS); + /* Save stack by recursing to ourself directly. */ + if (S_ISDIR(fp->mode)) { + if (delete_dir_contents(fname, flags | DEL_RECURSE) != DR_SUCCESS) +@@ -140,7 +145,7 @@ enum delret delete_item(char *fbuf, uint16 mode, uint16 flags) + } + + if (flags & DEL_NO_UID_WRITE) +- do_chmod(fbuf, mode | S_IWUSR); ++ do_chmod(fbuf, mode | S_IWUSR, NO_FFLAGS); + + if (S_ISDIR(mode) && !(flags & DEL_DIR_IS_EMPTY)) { + int save_uid_ndx = uid_ndx; +@@ -148,6 +153,13 @@ enum delret delete_item(char *fbuf, uint16 mode, uint16 flags) + * delete_dir_contents() always calls us w/DEL_DIR_IS_EMPTY. */ + if (!uid_ndx) + uid_ndx = ++file_extra_cnt; ++#ifdef SUPPORT_FORCE_CHANGE ++ if (force_change) { ++ STRUCT_STAT st; ++ if (x_lstat(fbuf, &st, NULL) == 0) ++ make_mutable(fbuf, st.st_mode, st.st_flags, force_change); ++ } ++#endif + ignore_perishable = 1; + /* If DEL_RECURSE is not set, this just reports emptiness. */ + ret = delete_dir_contents(fbuf, flags); diff --git a/flist.c b/flist.c --- a/flist.c +++ b/flist.c @@ -56,26 +130,26 @@ diff --git a/flist.c b/flist.c extern int preserve_hard_links; extern int preserve_devices; extern int preserve_specials; -+extern int fileflags_ndx; ++extern int preserve_fileflags; + extern int missing_args; extern int uid_ndx; extern int gid_ndx; - extern int eol_nulls; -@@ -344,6 +345,9 @@ static void send_file_entry(int f, struct file_struct *file, int ndx, int first_ +@@ -406,6 +407,9 @@ static void send_file_entry(int f, const char *fname, struct file_struct *file, { static time_t modtime; static mode_t mode; -+#ifdef SUPPORT_FLAGS ++#ifdef SUPPORT_FILEFLAGS + static uint32 fileflags; +#endif #ifdef SUPPORT_HARD_LINKS static int64 dev; #endif -@@ -403,6 +407,14 @@ static void send_file_entry(int f, struct file_struct *file, int ndx, int first_ +@@ -449,6 +453,14 @@ static void send_file_entry(int f, const char *fname, struct file_struct *file, xflags |= XMIT_SAME_MODE; else mode = file->mode; -+#ifdef SUPPORT_FLAGS -+ if (fileflags_ndx) { ++#ifdef SUPPORT_FILEFLAGS ++ if (preserve_fileflags) { + if (F_FFLAGS(file) == fileflags) + xflags |= XMIT_SAME_FLAGS; + else @@ -83,201 +157,175 @@ diff --git a/flist.c b/flist.c + } +#endif - if ((preserve_devices && IS_DEVICE(mode)) - || (preserve_specials && IS_SPECIAL(mode))) { -@@ -522,6 +534,10 @@ static void send_file_entry(int f, struct file_struct *file, int ndx, int first_ - } + if (preserve_devices && IS_DEVICE(mode)) { + if (protocol_version < 28) { +@@ -590,6 +602,10 @@ static void send_file_entry(int f, const char *fname, struct file_struct *file, + write_varint(f, F_MOD_NSEC(file)); if (!(xflags & XMIT_SAME_MODE)) write_int(f, to_wire_mode(mode)); -+#ifdef SUPPORT_FLAGS -+ if (fileflags_ndx && !(xflags & XMIT_SAME_FLAGS)) ++#ifdef SUPPORT_FILEFLAGS ++ if (preserve_fileflags && !(xflags & XMIT_SAME_FLAGS)) + write_int(f, (int)fileflags); +#endif - if (uid_ndx && !(xflags & XMIT_SAME_UID)) { + if (preserve_uid && !(xflags & XMIT_SAME_UID)) { if (protocol_version < 30) write_int(f, uid); -@@ -610,6 +626,9 @@ static struct file_struct *recv_file_entry(struct file_list *flist, +@@ -677,6 +693,9 @@ static struct file_struct *recv_file_entry(int f, struct file_list *flist, int x { static int64 modtime; static mode_t mode; -+#ifdef SUPPORT_FLAGS ++#ifdef SUPPORT_FILEFLAGS + static uint32 fileflags; +#endif #ifdef SUPPORT_HARD_LINKS static int64 dev; #endif -@@ -744,6 +763,10 @@ static struct file_struct *recv_file_entry(struct file_list *flist, +@@ -822,6 +841,10 @@ static struct file_struct *recv_file_entry(int f, struct file_list *flist, int x - if (chmod_modes && !S_ISLNK(mode)) + if (chmod_modes && !S_ISLNK(mode) && mode) mode = tweak_mode(mode, chmod_modes); -+#ifdef SUPPORT_FLAGS -+ if (fileflags_ndx && !(xflags & XMIT_SAME_FLAGS)) ++#ifdef SUPPORT_FILEFLAGS ++ if (preserve_fileflags && !(xflags & XMIT_SAME_FLAGS)) + fileflags = (uint32)read_int(f); +#endif - if (uid_ndx && !(xflags & XMIT_SAME_UID)) { + if (preserve_uid && !(xflags & XMIT_SAME_UID)) { if (protocol_version < 30) -@@ -865,6 +888,10 @@ static struct file_struct *recv_file_entry(struct file_list *flist, - OPT_EXTRA(file, 0)->unum = (uint32)(file_length >> 32); +@@ -973,6 +996,10 @@ static struct file_struct *recv_file_entry(int f, struct file_list *flist, int x } + #endif file->mode = mode; -+#ifdef SUPPORT_FLAGS -+ if (fileflags_ndx) ++#ifdef SUPPORT_FILEFLAGS ++ if (preserve_fileflags) + F_FFLAGS(file) = fileflags; +#endif - if (uid_ndx) + if (preserve_uid) F_OWNER(file) = uid; - if (gid_ndx) { -@@ -1199,6 +1226,10 @@ struct file_struct *make_file(const char *fname, struct file_list *flist, - OPT_EXTRA(file, 0)->unum = (uint32)(st.st_size >> 32); + if (preserve_gid) { +@@ -1370,6 +1397,10 @@ struct file_struct *make_file(const char *fname, struct file_list *flist, } + #endif file->mode = st.st_mode; -+#ifdef SUPPORT_FLAGS ++#if defined SUPPORT_FILEFLAGS || defined SUPPORT_FORCE_CHANGE + if (fileflags_ndx) + F_FFLAGS(file) = st.st_flags; +#endif - if (uid_ndx) + if (uid_ndx) /* Check uid_ndx instead of preserve_uid for del support */ F_OWNER(file) = st.st_uid; - if (gid_ndx) + if (gid_ndx) /* Check gid_ndx instead of preserve_gid for del support */ diff --git a/generator.c b/generator.c --- a/generator.c +++ b/generator.c -@@ -124,6 +124,7 @@ static const char *solo_file = NULL; - #define DEL_FOR_SYMLINK (1<<5) /* making room for a replacement symlink */ - #define DEL_FOR_DEVICE (1<<6) /* making room for a replacement device */ - #define DEL_FOR_SPECIAL (1<<7) /* making room for a replacement special */ -+#define DEL_AN_IMMUTABLE (1<<8) /* item has an immutable flag set */ - - #define DEL_MAKE_ROOM (DEL_FOR_FILE|DEL_FOR_DIR|DEL_FOR_SYMLINK|DEL_FOR_DEVICE|DEL_FOR_SPECIAL) - -@@ -163,6 +164,10 @@ static enum delret delete_item(char *fbuf, int mode, int flags) +@@ -42,8 +42,10 @@ extern int preserve_devices; + extern int preserve_specials; + extern int preserve_hard_links; + extern int preserve_executability; ++extern int preserve_fileflags; + extern int preserve_perms; + extern int preserve_times; ++extern int force_change; + extern int uid_ndx; + extern int gid_ndx; + extern int delete_mode; +@@ -406,6 +408,11 @@ int unchanged_attrs(const char *fname, struct file_struct *file, stat_x *sxp) + && ((sxp->st.st_mode & 0111 ? 1 : 0) ^ (file->mode & 0111 ? 1 : 0))) + return 0; - if (!am_root && !(mode & S_IWUSR) && flags & DEL_OWNED_BY_US) - do_chmod(fbuf, mode |= S_IWUSR); -+#ifdef SUPPORT_FLAGS -+ if (fileflags_ndx && flags & DEL_AN_IMMUTABLE) -+ make_mutable(fbuf, mode, NODELETE_FLAGS); ++#ifdef SUPPORT_FILEFLAGS ++ if (preserve_fileflags && !S_ISLNK(file->mode) && sxp->st.st_flags != F_FFLAGS(file)) ++ return 0; +#endif - - if (S_ISDIR(mode) && !(flags & DEL_DIR_IS_EMPTY)) { - ignore_perishable = 1; -@@ -284,6 +289,14 @@ static enum delret delete_dir_contents(char *fname, int flags) - flags |= DEL_OWNED_BY_US; - else - flags &= ~DEL_OWNED_BY_US; -+#ifdef SUPPORT_FLAGS -+ if (fileflags_ndx) { -+ if (F_FFLAGS(fp) & NODELETE_FLAGS) -+ flags |= DEL_AN_IMMUTABLE; -+ else -+ flags &= ~DEL_AN_IMMUTABLE; -+ } -+#endif - /* Save stack by recursing to ourself directly. */ - if (S_ISDIR(fp->mode)) { - if (!am_root && !(fp->mode & S_IWUSR) && flags & DEL_OWNED_BY_US) -@@ -343,15 +356,22 @@ static int flush_delete_delay(void) - - static int remember_delete(struct file_struct *file, const char *fname, int flags) - { -- const char *plus = (!am_root && !(file->mode & S_IWUSR) && flags & DEL_OWNED_BY_US) -- ? "+" : ""; -+ char buf[16], *bp = buf; - int len; - -+ if (!am_root && !(file->mode & S_IWUSR) && flags & DEL_OWNED_BY_US) -+ *bp++ = '+'; -+#ifdef SUPPORT_FLAGS -+ if (flags & DEL_AN_IMMUTABLE) -+ *bp++ = '-'; -+#endif -+ *bp = '\0'; + - while (1) { - len = snprintf(deldelay_buf + deldelay_cnt, - deldelay_size - deldelay_cnt, - "%s%x %s%c", -- plus, (int)file->mode, fname, '\0'); -+ buf, (int)file->mode, fname, '\0'); - if ((deldelay_cnt += len) <= deldelay_size) - break; - if (deldelay_fd < 0 && !start_delete_delay_temp()) -@@ -364,10 +384,10 @@ static int remember_delete(struct file_struct *file, const char *fname, int flag - return 1; - } + if (am_root && uid_ndx && sxp->st.st_uid != (uid_t)F_OWNER(file)) + return 0; --static int read_delay_line(char *buf, int *own_flag_p) -+static int read_delay_line(char *buf, int *flags_p) - { - static int read_pos = 0; -- int j, len, mode; -+ int j, len, mode, flags = 0; - char *bp, *past_space; - - while (1) { -@@ -407,9 +427,15 @@ static int read_delay_line(char *buf, int *own_flag_p) - bp = deldelay_buf + read_pos; - if (*bp == '+') { - bp++; -- *own_flag_p = DEL_OWNED_BY_US; -- } else -- *own_flag_p = 0; -+ flags |= DEL_OWNED_BY_US; -+ } -+#ifdef SUPPORT_FLAGS -+ if (*bp == '-') { -+ bp++; -+ flags |= DEL_AN_IMMUTABLE; -+ } +@@ -471,6 +478,11 @@ void itemize(const char *fnamecmp, struct file_struct *file, int ndx, int statre + if (gid_ndx && !(file->flags & FLAG_SKIP_GROUP) + && sxp->st.st_gid != (gid_t)F_GROUP(file)) + iflags |= ITEM_REPORT_GROUP; ++#ifdef SUPPORT_FILEFLAGS ++ if (preserve_fileflags && !S_ISLNK(file->mode) ++ && sxp->st.st_flags != F_FFLAGS(file)) ++ iflags |= ITEM_REPORT_FFLAGS; +#endif -+ *flags_p = flags; - - if (sscanf(bp, "%x ", &mode) != 1) { - invalid_data: -@@ -434,15 +460,15 @@ static int read_delay_line(char *buf, int *own_flag_p) - - static void do_delayed_deletions(char *delbuf) - { -- int mode, own_flag; -+ int mode, flags; - - if (deldelay_fd >= 0) { - if (deldelay_cnt && !flush_delete_delay()) - return; - lseek(deldelay_fd, 0, 0); - } -- while ((mode = read_delay_line(delbuf, &own_flag)) >= 0) -- delete_item(delbuf, mode, own_flag | DEL_RECURSE); -+ while ((mode = read_delay_line(delbuf, &flags)) >= 0) -+ delete_item(delbuf, mode, DEL_RECURSE | flags); - if (deldelay_fd >= 0) - close(deldelay_fd); - } -@@ -505,6 +531,9 @@ static void delete_in_dir(char *fbuf, struct file_struct *file, dev_t *fs_dev) + #ifdef SUPPORT_ACLS + if (preserve_acls && !S_ISLNK(file->mode)) { + if (!ACL_READY(*sxp)) +@@ -1265,6 +1277,10 @@ static void recv_generator(char *fname, struct file_struct *file, int ndx, + file->mode = dest_mode(file->mode, sx.st.st_mode, + dflt_perms, statret == 0); } - if (flist_find(cur_flist, fp) < 0) { - int flags = DEL_RECURSE -+#ifdef SUPPORT_FLAGS -+ | (fileflags_ndx && F_FFLAGS(fp) & NODELETE_FLAGS ? DEL_AN_IMMUTABLE : 0) ++#ifdef SUPPORT_FORCE_CHANGE ++ if (force_change && !preserve_fileflags) ++ F_FFLAGS(file) = sx.st.st_flags; +#endif - | (!uid_ndx || (uid_t)F_OWNER(fp) == our_uid ? DEL_OWNED_BY_US : 0); - f_name(fp, delbuf); - if (delete_during == 2) { -@@ -1329,6 +1358,10 @@ static void recv_generator(char *fname, struct file_struct *file, int ndx, - - if (statret == 0 && sx.st.st_uid == our_uid) - del_opts |= DEL_OWNED_BY_US; -+#ifdef SUPPORT_FLAGS -+ if (statret == 0 && fileflags_ndx && sx.st.st_flags & NODELETE_FLAGS) -+ del_opts |= DEL_AN_IMMUTABLE; + if (statret != 0 && basis_dir[0] != NULL) { + int j = try_dests_non(file, fname, ndx, fnamecmpbuf, &sx, + itemizing, code); +@@ -1305,10 +1321,15 @@ static void recv_generator(char *fname, struct file_struct *file, int ndx, + /* We need to ensure that the dirs in the transfer have writable + * permissions during the time we are putting files within them. + * This is then fixed after the transfer is done. */ ++#ifdef SUPPORT_FORCE_CHANGE ++ if (force_change && F_FFLAGS(file) & force_change ++ && make_mutable(fname, file->mode, F_FFLAGS(file), force_change)) ++ need_retouch_dir_perms = 1; ++#endif + #ifdef HAVE_CHMOD + if (!am_root && !(file->mode & S_IWUSR) && dir_tweaking) { + mode_t mode = file->mode | S_IWUSR; +- if (do_chmod(fname, mode) < 0) { ++ if (do_chmod(fname, mode, 0) < 0) { + rsyserr(FERROR_XFER, errno, + "failed to modify permissions on %s", + full_fname(fname)); +@@ -1343,6 +1364,10 @@ static void recv_generator(char *fname, struct file_struct *file, int ndx, + file->mode = dest_mode(file->mode, sx.st.st_mode, dflt_perms, + exists); + } ++#ifdef SUPPORT_FORCE_CHANGE ++ if (force_change && !preserve_fileflags) ++ F_FFLAGS(file) = sx.st.st_flags; +#endif - if (is_dir) { - if (!implied_dirs && file->flags & FLAG_IMPLIED_DIR) + #ifdef SUPPORT_HARD_LINKS + if (preserve_hard_links && F_HLINK_NOT_FIRST(file) +@@ -1920,13 +1945,17 @@ static void touch_up_dirs(struct file_list *flist, int ndx) + continue; + fname = f_name(file, NULL); + if (fix_dir_perms) +- do_chmod(fname, file->mode); ++ do_chmod(fname, file->mode, 0); + if (need_retouch_dir_times) { + STRUCT_STAT st; + if (link_stat(fname, &st, 0) == 0 + && cmp_time(st.st_mtime, file->modtime) != 0) +- set_modtime(fname, file->modtime, F_MOD_NSEC(file), file->mode); ++ set_modtime(fname, file->modtime, F_MOD_NSEC(file), file->mode, 0); + } ++#ifdef SUPPORT_FORCE_CHANGE ++ if (force_change && F_FFLAGS(file) & force_change) ++ undo_make_mutable(fname, F_FFLAGS(file)); ++#endif + if (counter >= loopchk_limit) { + if (allowed_lull) + maybe_send_keepalive(); +diff --git a/log.c b/log.c +--- a/log.c ++++ b/log.c +@@ -733,7 +733,7 @@ static void log_formatted(enum logcode code, const char *format, const char *op, + c[5] = !(iflags & ITEM_REPORT_PERMS) ? '.' : 'p'; + c[6] = !(iflags & ITEM_REPORT_OWNER) ? '.' : 'o'; + c[7] = !(iflags & ITEM_REPORT_GROUP) ? '.' : 'g'; +- c[8] = !(iflags & ITEM_REPORT_ATIME) ? '.' : 'u'; ++ c[8] = !(iflags & ITEM_REPORT_FFLAGS) ? '.' : 'f'; + c[9] = !(iflags & ITEM_REPORT_ACL) ? '.' : 'a'; + c[10] = !(iflags & ITEM_REPORT_XATTR) ? '.' : 'x'; + c[11] = '\0'; diff --git a/options.c b/options.c --- a/options.c +++ b/options.c -@@ -52,6 +52,7 @@ int preserve_hard_links = 0; +@@ -53,6 +53,7 @@ int preserve_hard_links = 0; int preserve_acls = 0; int preserve_xattrs = 0; int preserve_perms = 0; @@ -285,7 +333,15 @@ diff --git a/options.c b/options.c int preserve_executability = 0; int preserve_devices = 0; int preserve_specials = 0; -@@ -224,6 +225,7 @@ static void print_rsync_version(enum logcode f) +@@ -86,6 +87,7 @@ int numeric_ids = 0; + int msgs2stderr = 0; + int allow_8bit_chars = 0; + int force_delete = 0; ++int force_change = 0; + int io_timeout = 0; + int prune_empty_dirs = 0; + int use_qsort = 0; +@@ -567,6 +569,7 @@ static void print_rsync_version(enum logcode f) char const *links = "no "; char const *iconv = "no "; char const *ipv6 = "no "; @@ -293,17 +349,17 @@ diff --git a/options.c b/options.c STRUCT_STAT *dumstat; #if SUBPROTOCOL_VERSION != 0 -@@ -256,6 +258,9 @@ static void print_rsync_version(enum logcode f) - #if defined HAVE_LUTIMES && defined HAVE_UTIMES +@@ -600,6 +603,9 @@ static void print_rsync_version(enum logcode f) + #ifdef CAN_SET_SYMLINK_TIMES symtimes = ""; #endif -+#ifdef SUPPORT_FLAGS ++#ifdef SUPPORT_FILEFLAGS + fileflags = ""; +#endif rprintf(f, "%s version %s protocol version %d%s\n", RSYNC_NAME, RSYNC_VERSION, PROTOCOL_VERSION, subprotocol); -@@ -269,8 +274,8 @@ static void print_rsync_version(enum logcode f) +@@ -613,8 +619,8 @@ static void print_rsync_version(enum logcode f) (int)(sizeof (int64) * 8)); rprintf(f, " %ssocketpairs, %shardlinks, %ssymlinks, %sIPv6, batchfiles, %sinplace,\n", got_socketpair, hardlinks, links, ipv6, have_inplace); @@ -314,40 +370,57 @@ diff --git a/options.c b/options.c #ifdef MAINTAINER_MODE rprintf(f, "Panic Action: \"%s\"\n", get_panic_action()); -@@ -337,6 +342,7 @@ void usage(enum logcode F) +@@ -684,6 +690,9 @@ void usage(enum logcode F) rprintf(F," -K, --keep-dirlinks treat symlinked dir on receiver as dir\n"); rprintf(F," -H, --hard-links preserve hard links\n"); rprintf(F," -p, --perms preserve permissions\n"); -+ rprintf(F," --fileflags preserve file-flags\n"); ++#ifdef SUPPORT_FILEFLAGS ++ rprintf(F," --fileflags preserve file-flags (aka chflags)\n"); ++#endif rprintf(F," -E, --executability preserve the file's executability\n"); rprintf(F," --chmod=CHMOD affect file and/or directory permissions\n"); #ifdef SUPPORT_ACLS -@@ -477,6 +483,8 @@ static struct poptOption long_options[] = { +@@ -723,7 +732,12 @@ void usage(enum logcode F) + rprintf(F," --ignore-missing-args ignore missing source args without error\n"); + rprintf(F," --delete-missing-args delete missing source args from destination\n"); + rprintf(F," --ignore-errors delete even if there are I/O errors\n"); +- rprintf(F," --force force deletion of directories even if not empty\n"); ++ rprintf(F," --force-delete force deletion of directories even if not empty\n"); ++#ifdef SUPPORT_FORCE_CHANGE ++ rprintf(F," --force-change affect user-/system-immutable files/dirs\n"); ++ rprintf(F," --force-uchange affect user-immutable files/dirs\n"); ++ rprintf(F," --force-schange affect system-immutable files/dirs\n"); ++#endif + rprintf(F," --max-delete=NUM don't delete more than NUM files\n"); + rprintf(F," --max-size=SIZE don't transfer any file larger than SIZE\n"); + rprintf(F," --min-size=SIZE don't transfer any file smaller than SIZE\n"); +@@ -836,6 +850,10 @@ static struct poptOption long_options[] = { {"perms", 'p', POPT_ARG_VAL, &preserve_perms, 1, 0, 0 }, {"no-perms", 0, POPT_ARG_VAL, &preserve_perms, 0, 0, 0 }, {"no-p", 0, POPT_ARG_VAL, &preserve_perms, 0, 0, 0 }, ++#ifdef SUPPORT_FILEFLAGS + {"fileflags", 0, POPT_ARG_VAL, &preserve_fileflags, 1, 0, 0 }, + {"no-fileflags", 0, POPT_ARG_VAL, &preserve_fileflags, 0, 0, 0 }, ++#endif {"executability", 'E', POPT_ARG_NONE, &preserve_executability, 0, 0, 0 }, {"acls", 'A', POPT_ARG_NONE, 0, 'A', 0, 0 }, {"no-acls", 0, POPT_ARG_VAL, &preserve_acls, 0, 0, 0 }, -@@ -1311,6 +1319,15 @@ int parse_arguments(int *argc_p, const char ***argv_p, int frommain) - } - #endif - -+#ifndef SUPPORT_FLAGS -+ if (preserve_fileflags) { -+ snprintf(err_buf, sizeof err_buf, -+ "the --fileflags option is not supported on this %s\n", -+ am_server ? "server" : "client"); -+ return 0; -+ } +@@ -918,6 +936,14 @@ static struct poptOption long_options[] = { + {"remove-source-files",0,POPT_ARG_VAL, &remove_source_files, 1, 0, 0 }, + {"force", 0, POPT_ARG_VAL, &force_delete, 1, 0, 0 }, + {"no-force", 0, POPT_ARG_VAL, &force_delete, 0, 0, 0 }, ++ {"force-delete", 0, POPT_ARG_VAL, &force_delete, 1, 0, 0 }, ++ {"no-force-delete", 0, POPT_ARG_VAL, &force_delete, 0, 0, 0 }, ++#ifdef SUPPORT_FORCE_CHANGE ++ {"force-change", 0, POPT_ARG_VAL, &force_change, ALL_IMMUTABLE, 0, 0 }, ++ {"no-force-change", 0, POPT_ARG_VAL, &force_change, 0, 0, 0 }, ++ {"force-uchange", 0, POPT_ARG_VAL, &force_change, USR_IMMUTABLE, 0, 0 }, ++ {"force-schange", 0, POPT_ARG_VAL, &force_change, SYS_IMMUTABLE, 0, 0 }, +#endif -+ - if (write_batch && read_batch) { - snprintf(err_buf, sizeof err_buf, - "--write-batch and --read-batch can not be used together\n"); -@@ -1826,6 +1843,9 @@ void server_options(char **args, int *argc_p) + {"ignore-errors", 0, POPT_ARG_VAL, &ignore_errors, 1, 0, 0 }, + {"no-ignore-errors", 0, POPT_ARG_VAL, &ignore_errors, 0, 0, 0 }, + {"max-delete", 0, POPT_ARG_INT, &max_delete, 0, 0, 0 }, +@@ -2420,6 +2446,9 @@ void server_options(char **args, int *argc_p) if (xfer_dirs && !recurse && delete_mode && am_sender) args[ac++] = "--no-r"; @@ -357,10 +430,27 @@ diff --git a/options.c b/options.c if (do_compression && def_compress_level != Z_DEFAULT_COMPRESSION) { if (asprintf(&arg, "--compress-level=%d", def_compress_level) < 0) goto oom; +@@ -2507,6 +2536,16 @@ void server_options(char **args, int *argc_p) + args[ac++] = "--delete-excluded"; + if (force_delete) + args[ac++] = "--force"; ++#ifdef SUPPORT_FORCE_CHANGE ++ if (force_change) { ++ if (force_change == ALL_IMMUTABLE) ++ args[ac++] = "--force-change"; ++ else if (force_change == USR_IMMUTABLE) ++ args[ac++] = "--force-uchange"; ++ else if (force_change == SYS_IMMUTABLE) ++ args[ac++] = "--force-schange"; ++ } ++#endif + if (write_batch < 0) + args[ac++] = "--only-write-batch=X"; + if (am_root > 1) diff --git a/rsync.c b/rsync.c --- a/rsync.c +++ b/rsync.c -@@ -32,6 +32,7 @@ extern int dry_run; +@@ -31,6 +31,7 @@ extern int dry_run; extern int preserve_acls; extern int preserve_xattrs; extern int preserve_perms; @@ -368,11 +458,11 @@ diff --git a/rsync.c b/rsync.c extern int preserve_executability; extern int preserve_times; extern int am_root; -@@ -339,6 +340,41 @@ mode_t dest_mode(mode_t flist_mode, mode_t stat_mode, int dflt_perms, +@@ -445,6 +446,39 @@ mode_t dest_mode(mode_t flist_mode, mode_t stat_mode, int dflt_perms, return new_mode; } -+#ifdef SUPPORT_FLAGS ++#if defined SUPPORT_FILEFLAGS || defined SUPPORT_FORCE_CHANGE +/* Set a file's st_flags. */ +static int set_fileflags(const char *fname, uint32 fileflags) +{ @@ -387,63 +477,92 @@ diff --git a/rsync.c b/rsync.c +} + +/* Remove immutable flags from an object, so it can be altered/removed. */ -+void make_mutable(const char *fname, mode_t mode, uint32 fileflags) ++int make_mutable(const char *fname, mode_t mode, uint32 fileflags, uint32 iflags) +{ -+ if (S_ISLNK(mode)) -+ return; -+ -+ if (fileflags & NOCHANGE_FLAGS) -+ set_fileflags(fname, fileflags & ~NOCHANGE_FLAGS); ++ if (S_ISLNK(mode) || !(fileflags & iflags)) ++ return 0; ++ if (!set_fileflags(fname, fileflags & ~iflags)) ++ return -1; ++ return 1; +} + -+/* Undo a prior make_mutable() call. */ -+void undo_make_mutable(const char *fname, mode_t mode, uint32 fileflags) ++/* Undo a prior make_mutable() call that returned a 1. */ ++int undo_make_mutable(const char *fname, uint32 fileflags) +{ -+ if (S_ISLNK(mode)) -+ return; -+ -+ if (fileflags & NOCHANGE_FLAGS) -+ set_fileflags(fname, fileflags); ++ if (!set_fileflags(fname, fileflags)) ++ return -1; ++ return 1; +} +#endif + int set_file_attrs(const char *fname, struct file_struct *file, stat_x *sxp, const char *fnamecmp, int flags) { -@@ -472,6 +508,15 @@ int set_file_attrs(const char *fname, struct file_struct *file, stat_x *sxp, +@@ -493,7 +527,7 @@ int set_file_attrs(const char *fname, struct file_struct *file, stat_x *sxp, + flags |= ATTRS_SKIP_MTIME; + if (!(flags & ATTRS_SKIP_MTIME) + && cmp_time(sxp->st.st_mtime, file->modtime) != 0) { +- int ret = set_modtime(fname, file->modtime, F_MOD_NSEC(file), sxp->st.st_mode); ++ int ret = set_modtime(fname, file->modtime, F_MOD_NSEC(file), sxp->st.st_mode, ST_FLAGS(sxp->st)); + if (ret < 0) { + rsyserr(FERROR_XFER, errno, "failed to set times on %s", + full_fname(fname)); +@@ -529,7 +563,8 @@ int set_file_attrs(const char *fname, struct file_struct *file, stat_x *sxp, + if (am_root >= 0) { + if (do_lchown(fname, + change_uid ? (uid_t)F_OWNER(file) : sxp->st.st_uid, +- change_gid ? (gid_t)F_GROUP(file) : sxp->st.st_gid) != 0) { ++ change_gid ? (gid_t)F_GROUP(file) : sxp->st.st_gid, ++ sxp->st.st_mode, ST_FLAGS(sxp->st)) != 0) { + /* We shouldn't have attempted to change uid + * or gid unless have the privilege. */ + rsyserr(FERROR_XFER, errno, "%s %s failed", +@@ -563,7 +598,7 @@ int set_file_attrs(const char *fname, struct file_struct *file, stat_x *sxp, + + #ifdef HAVE_CHMOD + if (!BITS_EQUAL(sxp->st.st_mode, new_mode, CHMOD_BITS)) { +- int ret = am_root < 0 ? 0 : do_chmod(fname, new_mode); ++ int ret = am_root < 0 ? 0 : do_chmod(fname, new_mode, ST_FLAGS(sxp->st)); + if (ret < 0) { + rsyserr(FERROR_XFER, errno, + "failed to set permissions on %s", +@@ -575,6 +610,19 @@ int set_file_attrs(const char *fname, struct file_struct *file, stat_x *sxp, } #endif -+#ifdef SUPPORT_FLAGS ++#ifdef SUPPORT_FILEFLAGS + if (preserve_fileflags && !S_ISLNK(sxp->st.st_mode) + && sxp->st.st_flags != F_FFLAGS(file)) { -+ if (!set_fileflags(fname, F_FFLAGS(file))) ++ uint32 fileflags = F_FFLAGS(file); ++ if (flags & ATTRS_DELAY_IMMUTABLE) ++ fileflags &= ~ALL_IMMUTABLE; ++ if (sxp->st.st_flags != fileflags ++ && !set_fileflags(fname, fileflags)) + goto cleanup; + updated = 1; + } +#endif + - if (verbose > 1 && flags & ATTRS_REPORT) { + if (INFO_GTE(NAME, 2) && flags & ATTRS_REPORT) { if (updated) rprintf(FCLIENT, "%s\n", fname); -@@ -533,6 +578,10 @@ int finish_transfer(const char *fname, const char *fnametmp, +@@ -639,7 +687,8 @@ int finish_transfer(const char *fname, const char *fnametmp, + + /* Change permissions before putting the file into place. */ set_file_attrs(fnametmp, file, NULL, fnamecmp, - ok_to_set_time ? 0 : ATTRS_SKIP_MTIME); +- ok_to_set_time ? 0 : ATTRS_SKIP_MTIME); ++ ATTRS_DELAY_IMMUTABLE ++ | (ok_to_set_time ? 0 : ATTRS_SKIP_MTIME)); -+#ifdef SUPPORT_FLAGS -+ if (preserve_fileflags) -+ make_mutable(fnametmp, file->mode, F_FFLAGS(file)); -+#endif /* move tmp file over real file */ - if (verbose > 2) - rprintf(FINFO, "renaming %s to %s\n", fnametmp, fname); -@@ -550,6 +599,10 @@ int finish_transfer(const char *fname, const char *fnametmp, + if (DEBUG_GTE(RECV, 1)) +@@ -658,6 +707,10 @@ int finish_transfer(const char *fname, const char *fnametmp, } if (ret == 0) { /* The file was moved into place (not copied), so it's done. */ -+#ifdef SUPPORT_FLAGS -+ if (preserve_fileflags) -+ undo_make_mutable(fname, file->mode, F_FFLAGS(file)); ++#ifdef SUPPORT_FILEFLAGS ++ if (preserve_fileflags && F_FFLAGS(file) & ALL_IMMUTABLE) ++ set_fileflags(fname, F_FFLAGS(file)); +#endif return 1; } @@ -451,37 +570,60 @@ diff --git a/rsync.c b/rsync.c diff --git a/rsync.h b/rsync.h --- a/rsync.h +++ b/rsync.h -@@ -60,6 +60,7 @@ - #define XMIT_RDEV_MINOR_8_pre30 (1<<11) /* protocols 28 - 29 */ - #define XMIT_GROUP_NAME_FOLLOWS (1<<11) /* protocols 30 - now */ +@@ -62,6 +62,7 @@ #define XMIT_HLINK_FIRST (1<<12) /* protocols 30 - now (HLINKED files only) */ + #define XMIT_IO_ERROR_ENDLIST (1<<12) /* protocols 31 - now (w/XMIT_EXTENDED_FLAGS) */ + #define XMIT_MOD_NSEC (1<<13) /* protocols 31 - now */ +#define XMIT_SAME_FLAGS (1<<14) /* protocols ?? - now */ /* These flags are used in the live flist data. */ -@@ -452,6 +453,21 @@ typedef unsigned int size_t; +@@ -160,6 +161,7 @@ + + #define ATTRS_REPORT (1<<0) + #define ATTRS_SKIP_MTIME (1<<1) ++#define ATTRS_DELAY_IMMUTABLE (1<<2) + + #define FULL_FLUSH 1 + #define NORMAL_FLUSH 0 +@@ -186,6 +188,7 @@ + #define ITEM_REPORT_GROUP (1<<6) + #define ITEM_REPORT_ACL (1<<7) + #define ITEM_REPORT_XATTR (1<<8) ++#define ITEM_REPORT_FFLAGS (1<<9) + #define ITEM_BASIS_TYPE_FOLLOWS (1<<11) + #define ITEM_XNAME_FOLLOWS (1<<12) + #define ITEM_IS_NEW (1<<13) +@@ -494,6 +497,28 @@ typedef unsigned int size_t; #endif #endif ++#define NO_FFLAGS ((uint32)-1) ++ +#ifdef HAVE_CHFLAGS -+#define SUPPORT_FLAGS 1 ++#define SUPPORT_FILEFLAGS 1 ++#define SUPPORT_FORCE_CHANGE 1 +#endif + -+#ifdef SUPPORT_FLAGS ++#if defined SUPPORT_FILEFLAGS || defined SUPPORT_FORCE_CHANGE +#ifndef UF_NOUNLINK +#define UF_NOUNLINK 0 +#endif +#ifndef SF_NOUNLINK +#define SF_NOUNLINK 0 +#endif -+#define NODELETE_FLAGS (UF_IMMUTABLE|UF_NOUNLINK|SF_IMMUTABLE|SF_NOUNLINK) -+#define NOCHANGE_FLAGS (NODELETE_FLAGS|UF_APPEND|SF_APPEND) ++#define USR_IMMUTABLE (UF_IMMUTABLE|UF_NOUNLINK|UF_APPEND) ++#define SYS_IMMUTABLE (SF_IMMUTABLE|SF_NOUNLINK|SF_APPEND) ++#define ALL_IMMUTABLE (USR_IMMUTABLE|SYS_IMMUTABLE) ++#define ST_FLAGS(st) (st.st_flags) ++#else ++#define ST_FLAGS(st) NO_FFLAGS +#endif + /* Find a variable that is either exactly 32-bits or longer. * If some code depends on 32-bit truncation, it will need to * take special action in a "#if SIZEOF_INT32 > 4" section. */ -@@ -620,6 +636,7 @@ extern int file_extra_cnt; +@@ -664,6 +689,7 @@ extern int file_extra_cnt; extern int inc_recurse; extern int uid_ndx; extern int gid_ndx; @@ -489,26 +631,42 @@ diff --git a/rsync.h b/rsync.h extern int acls_ndx; extern int xattrs_ndx; -@@ -657,6 +674,7 @@ extern int xattrs_ndx; +@@ -705,6 +731,11 @@ extern int xattrs_ndx; /* When the associated option is on, all entries will have these present: */ #define F_OWNER(f) REQ_EXTRA(f, uid_ndx)->unum #define F_GROUP(f) REQ_EXTRA(f, gid_ndx)->unum ++#if defined SUPPORT_FILEFLAGS || defined SUPPORT_FORCE_CHANGE +#define F_FFLAGS(f) REQ_EXTRA(f, fileflags_ndx)->unum ++#else ++#define F_FFLAGS(f) NO_FFLAGS ++#endif #define F_ACL(f) REQ_EXTRA(f, acls_ndx)->num #define F_XATTR(f) REQ_EXTRA(f, xattrs_ndx)->num #define F_NDX(f) REQ_EXTRA(f, unsort_ndx)->num diff --git a/rsync.yo b/rsync.yo --- a/rsync.yo +++ b/rsync.yo -@@ -338,6 +338,7 @@ to the detailed description below for a complete description. verb( +@@ -345,6 +345,7 @@ to the detailed description below for a complete description. verb( -K, --keep-dirlinks treat symlinked dir on receiver as dir -H, --hard-links preserve hard links -p, --perms preserve permissions -+ --fileflags preserve file-flags ++ --fileflags preserve file-flags (aka chflags) -E, --executability preserve executability --chmod=CHMOD affect file and/or directory permissions -A, --acls preserve ACLs (implies -p) -@@ -540,7 +541,8 @@ specified, in which case bf(-r) is not implied. +@@ -378,7 +379,10 @@ to the detailed description below for a complete description. verb( + --ignore-missing-args ignore missing source args without error + --delete-missing-args delete missing source args from destination + --ignore-errors delete even if there are I/O errors +- --force force deletion of dirs even if not empty ++ --force-delete force deletion of dirs even if not empty ++ --force-change affect user/system immutable files/dirs ++ --force-uchange affect user-immutable files/dirs ++ --force-schange affect system-immutable files/dirs + --max-delete=NUM don't delete more than NUM files + --max-size=SIZE don't transfer any file larger than SIZE + --min-size=SIZE don't transfer any file smaller than SIZE +@@ -595,7 +599,8 @@ specified, in which case bf(-r) is not implied. Note that bf(-a) bf(does not preserve hardlinks), because finding multiply-linked files is expensive. You must separately @@ -518,36 +676,407 @@ diff --git a/rsync.yo b/rsync.yo dit(--no-OPTION) You may turn off one or more implied options by prefixing the option name with "no-". Not all options may be prefixed with a "no-": -@@ -922,6 +924,13 @@ super-user copies all namespaces except system.*. A normal user only copies +@@ -876,7 +881,7 @@ they would be using bf(--copy-links). + Without this option, if the sending side has replaced a directory with a + symlink to a directory, the receiving side will delete anything that is in + the way of the new symlink, including a directory hierarchy (as long as +-bf(--force) or bf(--delete) is in effect). ++bf(--force-delete) or bf(--delete) is in effect). + + See also bf(--keep-dirlinks) for an analogous option for the receiving + side. +@@ -1013,6 +1018,29 @@ super-user copies all namespaces except system.*. A normal user only copies the user.* namespace. To be able to backup and restore non-user namespaces as a normal user, see the bf(--fake-super) option. -+dit(bf(--fileflags)) This option causes rsync to update the file-flags -+to be the same as the source file, if your OS supports the bf(chflags)(2) -+system call. In any case, an attempt is made to remove flags that would -+prevent a file to be altered. Some flags can only be altered by the -+super-user and can only be unset below a certain secure-level (usually -+single-user mode). ++dit(bf(--fileflags)) This option causes rsync to update the file-flags to be ++the same as the source files and directories (if your OS supports the ++bf(chflags)(2) system call). Some flags can only be altered by the super-user ++and some might only be unset below a certain secure-level (usually single-user ++mode). It will not make files alterable that are set to immutable on the ++receiver. To do that, see bf(--force-change), bf(--force-uchange), and ++bf(--force-schange). ++ ++dit(bf(--force-change)) This option causes rsync to disable both user-immutable ++and system-immutable flags on files and directories that are being updated or ++deleted on the receiving side. This option overrides bf(--force-uchange) and ++bf(--force-schange). ++ ++dit(bf(--force-uchange)) This option causes rsync to disable user-immutable ++flags on files and directories that are being updated or deleted on the ++receiving side. It does not try to affect system flags. This option overrides ++bf(--force-change) and bf(--force-schange). ++ ++dit(bf(--force-schange)) This option causes rsync to disable system-immutable ++flags on files and directories that are being updated or deleted on the ++receiving side. It does not try to affect user flags. This option overrides ++bf(--force-change) and bf(--force-schange). + dit(bf(--chmod)) This option tells rsync to apply one or more comma-separated "chmod" strings to the permission of the files in the - transfer. The resulting value is treated as though it was the permissions + transfer. The resulting value is treated as though it were the permissions +@@ -1301,12 +1329,13 @@ display as a "*missing" entry in the bf(--list-only) output. + dit(bf(--ignore-errors)) Tells bf(--delete) to go ahead and delete files + even when there are I/O errors. + +-dit(bf(--force)) This option tells rsync to delete a non-empty directory ++dit(bf(--force-delete)) This option tells rsync to delete a non-empty directory + when it is to be replaced by a non-directory. This is only relevant if + deletions are not active (see bf(--delete) for details). + +-Note for older rsync versions: bf(--force) used to still be required when +-using bf(--delete-after), and it used to be non-functional unless the ++This option can be abbreviated bf(--force) for backward compatibility. ++Note that some older rsync versions used to still require bf(--force) ++when using bf(--delete-after), and it used to be non-functional unless the + bf(--recursive) option was also enabled. + + dit(bf(--max-delete=NUM)) This tells rsync not to delete more than NUM +@@ -1875,7 +1904,7 @@ with older versions of rsync, but that also turns on the output of other + verbose messages). + + The "%i" escape has a cryptic output that is 11 letters long. The general +-format is like the string bf(YXcstpoguax), where bf(Y) is replaced by the ++format is like the string bf(YXcstpogfax), where bf(Y) is replaced by the + type of update being done, bf(X) is replaced by the file-type, and the + other letters represent attributes that may be output if they are being + modified. +@@ -1931,7 +1960,7 @@ quote(itemization( + sender's value (requires bf(--owner) and super-user privileges). + it() A bf(g) means the group is different and is being updated to the + sender's value (requires bf(--group) and the authority to set the group). +- it() The bf(u) slot is reserved for future use. ++ it() The bf(f) means that the fileflags information changed. + it() The bf(a) means that the ACL information changed. + it() The bf(x) means that the extended attribute information changed. + )) diff --git a/syscall.c b/syscall.c --- a/syscall.c +++ b/syscall.c -@@ -174,6 +174,15 @@ int do_chmod(const char *path, mode_t mode) +@@ -34,6 +34,7 @@ extern int am_root; + extern int am_sender; + extern int read_only; + extern int list_only; ++extern int force_change; + extern int preserve_perms; + extern int preserve_executability; + +@@ -51,7 +52,23 @@ int do_unlink(const char *fname) + { + if (dry_run) return 0; + RETURN_ERROR_IF_RO_OR_LO; +- return unlink(fname); ++ if (unlink(fname) == 0) ++ return 0; ++#ifdef SUPPORT_FORCE_CHANGE ++ if (force_change && errno == EPERM) { ++ STRUCT_STAT st; ++ ++ if (x_lstat(fname, &st, NULL) == 0 ++ && make_mutable(fname, st.st_mode, st.st_flags, force_change) > 0) { ++ if (unlink(fname) == 0) ++ return 0; ++ undo_make_mutable(fname, st.st_flags); ++ } ++ /* TODO: handle immutable directories */ ++ errno = EPERM; ++ } ++#endif ++ return -1; + } + + #ifdef SUPPORT_LINKS +@@ -112,14 +129,37 @@ int do_link(const char *fname1, const char *fname2) + } + #endif + +-int do_lchown(const char *path, uid_t owner, gid_t group) ++int do_lchown(const char *path, uid_t owner, gid_t group, mode_t mode, uint32 fileflags) + { + if (dry_run) return 0; + RETURN_ERROR_IF_RO_OR_LO; + #ifndef HAVE_LCHOWN + #define lchown chown + #endif +- return lchown(path, owner, group); ++ if (lchown(path, owner, group) == 0) ++ return 0; ++#ifdef SUPPORT_FORCE_CHANGE ++ if (force_change && errno == EPERM) { ++ if (fileflags == NO_FFLAGS) { ++ STRUCT_STAT st; ++ if (x_lstat(path, &st, NULL) == 0) { ++ mode = st.st_mode; ++ fileflags = st.st_flags; ++ } ++ } ++ if (fileflags != NO_FFLAGS ++ && make_mutable(path, mode, fileflags, force_change) > 0) { ++ int ret = lchown(path, owner, group); ++ undo_make_mutable(path, fileflags); ++ if (ret == 0) ++ return 0; ++ } ++ errno = EPERM; ++ } ++#else ++ mode = fileflags = 0; /* avoid compiler warning */ ++#endif ++ return -1; } + + int do_mknod(const char *pathname, mode_t mode, dev_t dev) +@@ -159,7 +199,7 @@ int do_mknod(const char *pathname, mode_t mode, dev_t dev) + return -1; + close(sock); + #ifdef HAVE_CHMOD +- return do_chmod(pathname, mode); ++ return do_chmod(pathname, mode, 0); + #else + return 0; #endif +@@ -176,7 +216,22 @@ int do_rmdir(const char *pathname) + { + if (dry_run) return 0; + RETURN_ERROR_IF_RO_OR_LO; +- return rmdir(pathname); ++ if (rmdir(pathname) == 0) ++ return 0; ++#ifdef SUPPORT_FORCE_CHANGE ++ if (force_change && errno == EPERM) { ++ STRUCT_STAT st; ++ ++ if (x_lstat(pathname, &st, NULL) == 0 ++ && make_mutable(pathname, st.st_mode, st.st_flags, force_change) > 0) { ++ if (rmdir(pathname) == 0) ++ return 0; ++ undo_make_mutable(pathname, st.st_flags); ++ } ++ errno = EPERM; ++ } ++#endif ++ return -1; + } -+#ifdef SUPPORT_FLAGS -+int do_chflags(const char *path, u_long flags) + int do_open(const char *pathname, int flags, mode_t mode) +@@ -190,7 +245,7 @@ int do_open(const char *pathname, int flags, mode_t mode) + } + + #ifdef HAVE_CHMOD +-int do_chmod(const char *path, mode_t mode) ++int do_chmod(const char *path, mode_t mode, uint32 fileflags) + { + int code; + if (dry_run) return 0; +@@ -211,17 +266,74 @@ int do_chmod(const char *path, mode_t mode) + #endif + } else + code = chmod(path, mode & CHMOD_BITS); /* DISCOURAGED FUNCTION */ ++#ifdef SUPPORT_FORCE_CHANGE ++ if (code < 0 && force_change && errno == EPERM && !S_ISLNK(mode)) { ++ if (fileflags == NO_FFLAGS) { ++ STRUCT_STAT st; ++ if (x_lstat(path, &st, NULL) == 0) ++ fileflags = st.st_flags; ++ } ++ if (fileflags != NO_FFLAGS ++ && make_mutable(path, mode, fileflags, force_change) > 0) { ++ code = chmod(path, mode & CHMOD_BITS); ++ undo_make_mutable(path, fileflags); ++ if (code == 0) ++ return 0; ++ } ++ errno = EPERM; ++ } ++#else ++ fileflags = 0; /* avoid compiler warning */ ++#endif + if (code != 0 && (preserve_perms || preserve_executability)) + return code; + return 0; + } + #endif + ++#ifdef HAVE_CHFLAGS ++int do_chflags(const char *path, uint32 fileflags) +{ + if (dry_run) return 0; + RETURN_ERROR_IF_RO_OR_LO; -+ return chflags(path, flags); ++ return chflags(path, fileflags); +} +#endif + int do_rename(const char *fname1, const char *fname2) { if (dry_run) return 0; + RETURN_ERROR_IF_RO_OR_LO; +- return rename(fname1, fname2); ++ if (rename(fname1, fname2) == 0) ++ return 0; ++#ifdef SUPPORT_FORCE_CHANGE ++ if (force_change && errno == EPERM) { ++ STRUCT_STAT st1, st2; ++ int became_mutable; ++ ++ if (x_lstat(fname1, &st1, NULL) != 0) ++ goto failed; ++ became_mutable = make_mutable(fname1, st1.st_mode, st1.st_flags, force_change) > 0; ++ if (became_mutable && rename(fname1, fname2) == 0) ++ goto success; ++ if (x_lstat(fname2, &st2, NULL) == 0 ++ && make_mutable(fname2, st2.st_mode, st2.st_flags, force_change) > 0) { ++ if (rename(fname1, fname2) == 0) { ++ success: ++ if (became_mutable) /* Yes, use fname2 and st1! */ ++ undo_make_mutable(fname2, st1.st_flags); ++ return 0; ++ } ++ undo_make_mutable(fname2, st2.st_flags); ++ } ++ /* TODO: handle immutable directories */ ++ if (became_mutable) ++ undo_make_mutable(fname1, st1.st_flags); ++ failed: ++ errno = EPERM; ++ } ++#endif ++ return -1; + } + + void trim_trailing_slashes(char *name) +diff --git a/t_stub.c b/t_stub.c +--- a/t_stub.c ++++ b/t_stub.c +@@ -25,6 +25,7 @@ int modify_window = 0; + int module_id = -1; + int relative_paths = 0; + int module_dirlen = 0; ++int force_change = 0; + int preserve_xattrs = 0; + mode_t orig_umask = 002; + char number_separator = ','; +@@ -84,3 +85,23 @@ filter_rule_list daemon_filter_list; + { + return "tester"; + } ++ ++#if defined SUPPORT_FILEFLAGS || defined SUPPORT_FORCE_CHANGE ++ int make_mutable(UNUSED(const char *fname), UNUSED(mode_t mode), UNUSED(uint32 fileflags), UNUSED(uint32 iflags)) ++{ ++ return 0; ++} ++ ++/* Undo a prior make_mutable() call that returned a 1. */ ++ int undo_make_mutable(UNUSED(const char *fname), UNUSED(uint32 fileflags)) ++{ ++ return 0; ++} ++#endif ++ ++#ifdef SUPPORT_XATTRS ++ int x_lstat(UNUSED(const char *fname), UNUSED(STRUCT_STAT *fst), UNUSED(STRUCT_STAT *xst)) ++{ ++ return -1; ++} ++#endif +diff --git a/util.c b/util.c +--- a/util.c ++++ b/util.c +@@ -30,6 +30,7 @@ extern int module_id; + extern int modify_window; + extern int relative_paths; + extern int preserve_xattrs; ++extern int force_change; + extern char *module_dir; + extern unsigned int module_dirlen; + extern mode_t orig_umask; +@@ -123,7 +124,7 @@ NORETURN void overflow_exit(const char *str) + exit_cleanup(RERR_MALLOC); + } + +-int set_modtime(const char *fname, time_t modtime, uint32 mod_nsec, mode_t mode) ++int set_modtime(const char *fname, time_t modtime, uint32 mod_nsec, mode_t mode, uint32 fileflags) + { + #ifndef CAN_SET_SYMLINK_TIMES + if (S_ISLNK(mode)) +@@ -140,15 +141,14 @@ int set_modtime(const char *fname, time_t modtime, uint32 mod_nsec, mode_t mode) + return 0; + + { ++ int ret; + #ifdef HAVE_UTIMENSAT + struct timespec t[2]; + t[0].tv_sec = 0; + t[0].tv_nsec = UTIME_NOW; + t[1].tv_sec = modtime; + t[1].tv_nsec = mod_nsec; +- if (utimensat(AT_FDCWD, fname, t, AT_SYMLINK_NOFOLLOW) < 0) +- return S_ISLNK(mode) && errno == ENOSYS ? 1 : -1; +- return 0; ++#define SET_THE_TIME(fn) utimensat(AT_FDCWD, fn, t, AT_SYMLINK_NOFOLLOW) + #elif defined HAVE_UTIMES || defined HAVE_LUTIMES + struct timeval t[2]; + t[0].tv_sec = time(NULL); +@@ -156,25 +156,44 @@ int set_modtime(const char *fname, time_t modtime, uint32 mod_nsec, mode_t mode) + t[1].tv_sec = modtime; + t[1].tv_usec = mod_nsec / 1000; + # ifdef HAVE_LUTIMES +- if (lutimes(fname, t) < 0) +- return S_ISLNK(mode) && errno == ENOSYS ? 1 : -1; +- return 0; ++#define SET_THE_TIME(fn) lutimes(fn, t) + # else +- return utimes(fname, t); ++#define SET_THE_TIME(fn) utimes(fn, t) + # endif + #elif defined HAVE_STRUCT_UTIMBUF + struct utimbuf tbuf; + tbuf.actime = time(NULL); + tbuf.modtime = modtime; +- return utime(fname,&tbuf); ++#define SET_THE_TIME(fn) utime(fn, &tbuf) + #elif defined HAVE_UTIME + time_t t[2]; + t[0] = time(NULL); + t[1] = modtime; +- return utime(fname,t); ++#define SET_THE_TIME(fn) utime(fn, t) + #else + #error No file-time-modification routine found! + #endif ++ ret = SET_THE_TIME(fname); ++ if (ret != 0 && S_ISLNK(mode) && errno == ENOSYS) ++ return 1; ++#ifdef SUPPORT_FORCE_CHANGE ++ if (ret != 0 && force_change && errno == EPERM) { ++ if (fileflags == NO_FFLAGS) { ++ STRUCT_STAT st; ++ if (x_lstat(fname, &st, NULL) == 0) ++ fileflags = st.st_flags; ++ } ++ if (fileflags != NO_FFLAGS ++ && make_mutable(fname, mode, fileflags, force_change) > 0) { ++ ret = SET_THE_TIME(fname); ++ undo_make_mutable(fname, fileflags); ++ } ++ errno = EPERM; ++ } ++#else ++ fileflags = 0; /* avoid compiler warning */ ++#endif ++ return ret; + } + } + +diff --git a/xattrs.c b/xattrs.c +--- a/xattrs.c ++++ b/xattrs.c +@@ -1033,7 +1033,7 @@ int set_stat_xattr(const char *fname, struct file_struct *file, mode_t new_mode) + mode = (fst.st_mode & _S_IFMT) | (fmode & ACCESSPERMS) + | (S_ISDIR(fst.st_mode) ? 0700 : 0600); + if (fst.st_mode != mode) +- do_chmod(fname, mode); ++ do_chmod(fname, mode, ST_FLAGS(fst)); + if (!IS_DEVICE(fst.st_mode)) + fst.st_rdev = 0; /* just in case */ +