search

pombreda / libarchive

Automatically exported from code.google.com/p/libarchive
Other
0 stars 0 forks source link

bsdtar does not preserve Default ACL set on nested subdirectory #393

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago 
What steps will reproduce the problem?
1. Using setfacl(1), set a Default ACL on a nested subdirectory
2. Backup and restore the directory tree
3. Using getfacl(1), compare the ACLs on the nested subdirectory

What is the expected output? What do you see instead?
The ACLs on the backup source and restore destination nested subdirectory 
should be identical.
Instead, the ACL on the restore destination nested subdirectory is missing the 
Default part.

What version are you using?
libarchive 3.1.2-8 (Arch Linux package[1])
acl 2.2.52-2 (Arch Linux package[2])
Also tested with libarchive-git v3.1.2.449.g296efb3-1 (Arch Linux AUR 
package[3], which builds libarchive from Git HEAD)

On what operating system?
Arch Linux x86_64 (rolling release)

How did you build?  (cmake, configure, or pre-packaged binary)
libarchive 3.1.2-8: prepackaged binary
acl 2.2.52-2: prepackaged binary
libarchive-git:
$ ./build/autogen.sh
$ ./configure --prefix=/usr --without-xml2
$ make clean
$ make
(see [4])

What compiler or development environment (please include version)?
gcc-multilib 4.9.2-2 (Arch Linux package):
$ gcc -v
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-unknown-linux-gnu/4.9.2/lto-wrapper
Target: x86_64-unknown-linux-gnu
Configured with: /build/gcc-multilib/src/gcc-4.9-20141224/configure 
--prefix=/usr --libdir=/usr/lib --libexecdir=/usr/lib --mandir=/usr/share/man 
--infodir=/usr/share/info --with-bugurl=https://bugs.archlinux.org/ 
--enable-languages=c,c++,ada,fortran,go,lto,objc,obj-c++ --enable-shared 
--enable-threads=posix --with-system-zlib --enable-__cxa_atexit 
--disable-libunwind-exceptions --enable-clocale=gnu --disable-libstdcxx-pch 
--disable-libssp --enable-gnu-unique-object --enable-linker-build-id 
--enable-cloog-backend=isl --enable-lto --enable-plugin 
--enable-install-libiberty --with-linker-hash-style=gnu --enable-multilib 
--disable-werror --enable-checking=release
Thread model: posix
gcc version 4.9.2 20141224 (prerelease) (GCC)

Please provide any additional information below.

I've tested on a tmpfs and on an ext4 filesystem with the same results. This 
seems to indicate that the issue is not filesystem related.

I'm including a small test script (which requires sudo rights to run) which 
deminstrates the problem.

[1]: https://www.archlinux.org/packages/core/x86_64/libarchive/
[2]: https://www.archlinux.org/packages/core/x86_64/acl/
[3]: https://aur.archlinux.org/packages/libarchive-git
[4]: https://aur.archlinux.org/packages/li/libarchive-git/PKGBUILD

Original issue reported on code.google.com by a.c.kal...@gmail.com on 28 Jan 2015 at 8:23

Attachments:

GoogleCodeExporter commented 9 years ago 
Result of running the test script on my own system:

$ ./test-bsdtar-nested-acl.sh
*** Default ACLs should be preserved
    on top-level directories as well as subdirectories.

==> Testing directory path: dir

--> The following two ACLs should be identical
    (in particular the Default ACLs):

# file: src/dir
# owner: root
# group: root
user::rwx
group::r-x
group:nobody:r-x
mask::r-x
other::r-x
default:user::rwx
default:group::r-x
default:group:nobody:r-x
default:mask::r-x
default:other::r-x

# file: dest/dir
# owner: root
# group: root
user::rwx
group::r-x
group:nobody:r-x
mask::r-x
other::r-x
default:user::rwx
default:group::r-x
default:group:nobody:r-x
default:mask::r-x
default:other::r-x

--> The following two ACLs should be identical
    (in particular the effective rights masks):

# file: src/dir/test
# owner: root
# group: root
user::rw-
group::r-x  #effective:r--
group:nobody:r-x    #effective:r--
mask::r--
other::r--

# file: dest/dir/test
# owner: root
# group: root
user::rw-
group::r-x  #effective:r--
group:nobody:r-x    #effective:r--
mask::r--
other::r--

==> Testing directory path: dir1/dir2

--> The following two ACLs should be identical
    (in particular the Default ACLs):

# file: src/dir1/dir2
# owner: root
# group: root
user::rwx
group::r-x
group:nobody:r-x
mask::r-x
other::r-x
default:user::rwx
default:group::r-x
default:group:nobody:r-x
default:mask::r-x
default:other::r-x

# file: dest/dir1/dir2
# owner: root
# group: root
user::rwx
group::r-x
group:nobody:r-x
mask::r-x
other::r-x

--> The following two ACLs should be identical
    (in particular the effective rights masks):

# file: src/dir1/dir2/test
# owner: root
# group: root
user::rw-
group::r-x  #effective:r--
group:nobody:r-x    #effective:r--
mask::r--
other::r--

# file: dest/dir1/dir2/test
# owner: root
# group: root
user::rw-
group::r--
other::r--

==> Done.

Original comment by a.c.kal...@gmail.com on 28 Jan 2015 at 8:27

GoogleCodeExporter commented 9 years ago 
[deleted comment]
GoogleCodeExporter commented 9 years ago

Original comment by a.c.kal...@gmail.com on 28 Jan 2015 at 8:57

Attachments:

GoogleCodeExporter commented 9 years ago 
Sorry for all the deletions.
The test script is my attempt to minimize the test for a much more involved 
scenario which is discussed on this Arch Linux issue: 
https://bugs.archlinux.org/task/43584#comment131888

Final version of the script (I hope) with my results:

./test-bsdtar-nested-acl.sh
*** Default ACLs should be preserved
    on top-level directories as well as subdirectories.

==> Testing directory path: dir

--> The following two ACLs should be identical
    (in particular the Default ACLs):

# file: src/dir
# owner: root
# group: root
user::rwx
group::r-x
group:nobody:r-x
mask::r-x
other::---
default:user::rwx
default:group::r-x
default:group:nobody:r-x
default:mask::r-x
default:other::---

# file: dest/dir
# owner: root
# group: root
user::rwx
group::r-x
group:nobody:r-x
mask::r-x
other::---
default:user::rwx
default:group::r-x
default:group:nobody:r-x
default:mask::r-x
default:other::---

--> The following two ACLs should be identical
    (in particular the effective rights masks):

# file: src/dir/test
# owner: root
# group: root
user::rw-
group::r-x  #effective:r--
group:nobody:r-x    #effective:r--
mask::r--
other::---

# file: dest/dir/test
# owner: root
# group: root
user::rw-
group::r-x  #effective:r--
group:nobody:r-x    #effective:r--
mask::r--
other::---

==> Testing directory path: dir1/dir2

--> The following two ACLs should be identical
    (in particular the Default ACLs):

# file: src/dir1/dir2
# owner: root
# group: root
user::rwx
group::r-x
group:nobody:r-x
mask::r-x
other::---
default:user::rwx
default:group::r-x
default:group:nobody:r-x
default:mask::r-x
default:other::---

# file: dest/dir1/dir2
# owner: root
# group: root
user::rwx
group::r-x
group:nobody:r-x
mask::r-x
other::---

--> The following two ACLs should be identical
    (in particular the effective rights masks):

# file: src/dir1/dir2/test
# owner: root
# group: root
user::rw-
group::r-x  #effective:r--
group:nobody:r-x    #effective:r--
mask::r--
other::---

# file: dest/dir1/dir2/test
# owner: root
# group: root
user::rw-
group::r--
other::---

==> Done.

Original comment by a.c.kal...@gmail.com on 28 Jan 2015 at 1:56

Attachments:

GoogleCodeExporter commented 9 years ago 
Is it possible to reproduce this issue without using sudo?

Non-root users can set ACLs on their own files; if we can reproduce this 
without sudo, we can build a libarchive test to reproduce the issue which will 
help ensure that it not only gets fixed, but stays fixed.

Currently, ACL backup/restore handling is only tested on FreeBSD.  Could you 
please look at these two tests and see if there is a way to have some part of 
them run on Linux systems as well?  I know that not all Linux systems have ACL 
support, but I'm not sure what compile-time or run-time tests are appropriate 
here.
  libarchive/test/test_acl_freebsd_nfs4.c
  libarchive/test/test_acl_freebsd_posix1e.c

Original comment by kientzle@gmail.com on 2 Feb 2015 at 12:51