ACLs are copied by UID rather than by Name
Chris Davies
chris at roaima.co.uk
Fri Jan 16 14:49:13 UTC 2026
Two Linux-based systems running rsync 3.2.7. Running as a normal user,
ACL attributes are copied by UID rather than by Name. In the case where
UIDs do not match between the two systems this can lead to an incorrect
copy. Running with root permissions on both sides does create a correct
copy.
Using a normal unprivileged user account the ACLs can be recreated
correctly, so I would suggest this is an oversight or bug in rsync.
Example. Two user accounts, "alice", running the rsync process, and
"charlie". On the source system, alice is UID 1000 and charlie is UID
1003. On the destination system alice is UID 1001 and charlie is UID 1000.
Destination system:
mkdir /tmp/803751
cd /tmp/803751
Source system:
mkdir /tmp/803751
cd /tmp/803751
mkdir dir
setfacl -m u:alice:rwx dir
setfacl -m u:charlie:rx dir
getfacl dir
# file: dir
# owner: alice
# group: alice
user::rwx
user:charlie:r-x
user:alice:rwx
group::r-x
mask::rwx
other::r-x
rsync -aAv ./ destinationSystem:/tmp/803751
After copying the directory, the ACLs on the destination system are as
follows
Destination system:
getfacl dir
# file: dir
# owner: alice
# group: alice
user::rwx
user:charlie:rwx
user:1003:r-x
group::r-x
mask::rwx
other::r-x
The ACL belonging to alice has been applied to charlie, and charlie's
ACL has been applied to a user 1003 that does not exist on the
destination system.
Chris
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.samba.org/pipermail/rsync/attachments/20260116/0e578622/attachment.htm>
More information about the rsync
mailing list