rsync 3.0.4 ACL corruption

Peter Rindfuss rindfuss at wzb.eu
Mon Dec 15 11:20:23 GMT 2008 

Hi,

I use rsync 3.0.4 on two opensuse 11 machines.
Every night, a big tree of machine A is synced to machine B.
These machines are samba PDC and BDC, users and groups are ldap-based, 
and ACLs are heavily used. There are about 2.8 million files and dirs, 
2.2 terabytes of data, and a complete ACL list produced with getfacl has 
some 600 megabytes.

I've just noticed that ACLs get partially corrupted on the receiving 
side. This is my command line, running as root:
/usr/bin/rsync --quiet --links --numeric-ids --acls --perms --times 
--recursive --owner --group --delete-during --ignore-errors --backup 
--backup-dir=/wzb/backup/wzb= --password-file=/etc/wzb/rsync/password 
--filter '- /backup/' rsync://selene.wzb.eu/wzb /wzb

/wzb has subtrees user, group, software. Wrong ACLs show up in several 
places. /wzb/user (home directories) seems ok. Both /wzb/group and 
/wzb/software have wrong subentries.

In /wzb/software, all subentry ACLs, both files and dirs, a partially 
(but not completely) wrong, and all in the same way.
Example: directory /wzb/software/aida
This is as should be:
# file: aida
# owner: root
# group: root
user::rwx
group::r-x
group:users:r-x
mask::rwx
other::---
default:user::rwx
default:group::r-x
default:group:users:r-x
default:mask::rwx
default:other::---

This is what happens:
# file: aida
# owner: root
# group: root
user::rwx
user:spura:rwx
group::---
mask::rwx
other::---
default:user::rwx
default:group::r-x
default:group:users:r-x
default:mask::rwx
default:other::---

It looks like the lines
group::r-x
group:users:r-x

are replaced by
user:spura:rwx
group::---

The latter is a (partial) ACL from /wzb/user/spura, the "spura" person's 
home dir.

The very same thing happens to all files and dirs below /wzb/software.
User "spura" is completely wrong here.


Further observations:
- At the next rsync run, same thing occurs but with a different(!) user.

- The number of ACL entries remains unchanged.

- Only existing users show up in the wrong ACLs.

- rsync happens to backup the /wzb/user and /wzb/group subtrees first, 
making it understandable that the wrong ACLs parts are somewhere in 
rsync's memory.

- If I rsync the /wzb/software branch alone, everything is ok.

- It does not matter whether or not I use --numeric-ids.



Peter Rindfuss

More information about the rsync mailing list