Date: Thu, 16 Jan 2014 20:37:13 -0800
From: Tim Kientzle <tim@kientzle.com>
To: Mark Felder <feld@freebsd.org>
Cc: FreeBSD current <freebsd-current@FreeBSD.org>
Subject: Re: mtree acl support
Message-ID: <EC7CE575-4374-4A1A-9488-091558D6C1A9@kientzle.com>
In-Reply-To: <1389904576.2313.71707745.52B4D2D1@webmail.messagingengine.com>
References: <1389710847.2685.70601137.72B5C024@webmail.messagingengine.com> <93FD368C-21D1-4A5F-986A-859D83AFB5BF@kientzle.com> <1389904576.2313.71707745.52B4D2D1@webmail.messagingengine.com>

On Jan 16, 2014, at 12:36 PM, Mark Felder <feld@freebsd.org> wrote:

> On Wed, Jan 15, 2014, at 23:11, Tim Kientzle wrote:
>>
>> On Jan 14, 2014, at 6:47 AM, Mark Felder <feld@freebsd.org> wrote:
>>
>>> I was recently talking to someone about how one would backup / restore
>>> ACLs reliably. I didn't see any mention of ACLs in the mtree man page
>>> and after a quick google I came upon this old mailing list post:
>>>
>>> http://lists.freebsd.org/pipermail/freebsd-hackers/2008-April/024173.html
>>>
>>> patch in list is here: http://heka.cenkes.org/sat/diffs/mtree_acl.diff
>>> I've mirrored it here: https://feld.me/freebsd/mtree_acl.diff
>>>
>>> This old patch appears to still apply cleanly. I hate to see a patch die
>>> and be forgotten.
>>
>> One problem that ‘tar’ has addressed (inspired by Joerg Schilling’s
>> work on star) is to permit ACLs to be restored even if the user database
>> is out of date.
>>
>> This is done by including a fourth field in each ACE with the
>> numeric user ID.
>>
>> I suspect you want to do the same for mtree. I thought
>> I remembered acl_to_text having an option to use
>> an extended text format, so it might be a trivial change.
>>
>
> As long as it's not default. One of the most convenient ways to change a
> user's UID (or multiple users!) is to do an mtree backup, change
> UID/GID, and then re-apply mtree backup. Every file that the user(s)
> previously owned will be automatically changed to the new UID/GID for
> you :-)

The extended format stores both name and numeric ID.
It tries to restore by name first (looking up as necessary), then falls back
on ID if that fails.

So this does correctly handle your case.

This also lets you restore trees when user lookups are unavailable. For
example, user lookups may be broken because of permission problems that
you’re trying to fix with mtree. ;-)

Tim
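
The name-first, ID-fallback restore order described in the message above, as an added example that is not part of the original thread and is not code from tar, libarchive or mtree. The four-field ACE layout "tag:name:perms:id", the function names and the sample user database are assumptions made for illustration; a real tool would call getpwnam(3) where the lookup callback is used.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Returns 0 and sets *id if the name resolves, -1 if it is unknown or
 * the user database cannot be read (stands in for getpwnam(3)). */
typedef int (*name_lookup_fn)(const char *name, long *id);

/* Constructed database: alice was renumbered from 1001 to 2001. */
int sample_lookup(const char *name, long *id) {
    if (strcmp(name, "alice") != 0) return -1;
    *id = 2001;
    return 0;
}

/* Simulates unavailable user lookups: every query fails. */
int broken_lookup(const char *name, long *id) {
    (void)name; (void)id;
    return -1;
}

/* Resolve one ACE in the assumed layout "tag:name:perms:id".
 * Returns the ID to apply, or -1 if neither name nor ID is usable. */
long resolve_ace_id(const char *ace, name_lookup_fn lookup) {
    char buf[256], *f[4] = {0}, *p = buf, *end;
    long id;
    int n = 0;

    if (strlen(ace) >= sizeof(buf)) return -1;
    strcpy(buf, ace);
    while (n < 4) {                      /* split on ':', keep empty fields */
        f[n++] = p;
        if ((p = strchr(p, ':')) == NULL) break;
        *p++ = '\0';
    }
    if (n < 3) return -1;                /* need at least tag:name:perms */
    if (f[1][0] != '\0' && lookup(f[1], &id) == 0)
        return id;                       /* name wins when it resolves */
    if (n < 4 || f[3][0] == '\0') return -1;
    id = strtol(f[3], &end, 10);         /* fall back to the stored ID */
    return (*end == '\0' && id >= 0) ? id : -1;
}

int main(void) {
    const char *ace = "user:alice:rwx:1001";   /* constructed sample ACE */
    printf("database up:   %ld\n", resolve_ace_id(ace, sample_lookup));
    printf("database down: %ld\n", resolve_ace_id(ace, broken_lookup));
    return 0;
}
```

With the database available, the renumbered user gets the new ID, which is the UID-change workflow from the quoted reply; with lookups failing, the stored ID is used instead.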