Preserve ZFS ACLs when syncing to Linux (ext4)

Philipp Tölke philipp at philipptoelke.de
Thu Sep 25 10:20:14 MDT 2014


Hi,

Please keep the discussion on the list. Others might benefit.

> Thanks for the information! Do you have a copy of the patch you applied
> to rsync's xattrs.c to enable copying the system-acls?

Please see attachment.

> I would prefer to run rsync over SSH because if I run it over NFS I lose
> the advantage of being able to perform partial file transfers to reduce
> network traffic and increase performance. If I patched rsync on both
> the Solaris (source) and Linux (destination) systems, do you think this
> would still work?

No. I do not think Solaris exposes the ACL as an extended attribute. If 
it does, the data-format would most likely be different. This is the 
reason that rsync normally does not copy system-attributes.

> As far as losing information when "downgrading" from NFSv4 ACLs to POSIX
> ACLs, that is okay. I'm going to use this for a daily backup system, so I
> am primarily concerned about not allowing increased access on the backups
> (e.g if groupA were denied access by an ACL to folder1, I wouldn't want the
> backups to strip this information so then groupA can gain access to folder1
> on the Linux backup server).

I am not sure if the downgrades can be guaranteed to be more restrictive.

Cheers,
Philipp

-------------- next part --------------
diff --git a/xattrs.c b/xattrs.c
index 57d40e1..73785d6 100644
--- a/xattrs.c
+++ b/xattrs.c
@@ -235,8 +235,7 @@ static int rsync_xal_get(const char *fname, item_list *xalp)
 #ifdef HAVE_LINUX_XATTRS
 		/* We always ignore the system namespace, and non-root
 		 * ignores everything but the user namespace. */
-		if (user_only ? !HAS_PREFIX(name, USER_PREFIX)
-			      : HAS_PREFIX(name, SYSTEM_PREFIX))
+		if (user_only && !HAS_PREFIX(name, USER_PREFIX))
 			continue;
 #endif
 
@@ -338,8 +337,7 @@ int copy_xattrs(const char *source, const char *dest)
 #ifdef HAVE_LINUX_XATTRS
 		/* We always ignore the system namespace, and non-root
 		 * ignores everything but the user namespace. */
-		if (user_only ? !HAS_PREFIX(name, USER_PREFIX)
-			      : HAS_PREFIX(name, SYSTEM_PREFIX))
+		if (user_only && !HAS_PREFIX(name, USER_PREFIX))
 			continue;
 #endif
 
@@ -869,8 +867,7 @@ static int rsync_xal_set(const char *fname, item_list *xalp,
 #ifdef HAVE_LINUX_XATTRS
 		/* We always ignore the system namespace, and non-root
 		 * ignores everything but the user namespace. */
-		if (user_only ? !HAS_PREFIX(name, USER_PREFIX)
-			      : HAS_PREFIX(name, SYSTEM_PREFIX))
+		if (user_only && !HAS_PREFIX(name, USER_PREFIX))
 			continue;
 #endif
 		if (am_root < 0 && name_len > RPRE_LEN


More information about the rsync mailing list