Posix Extended headers ...
Richard Sharpe
rsharpe at ns.aus.com
Mon Jul 15 11:50:00 GMT 2002
On Mon, 15 Jul 2002, Joerg Schilling wrote:
[Added Samba-technical so that this discussion can be recorded]
Preamble. Noting that star supports saving and restoring Posix ACLs for at
least Linux, and that Samba's libsmb now has routines to query and set
SEC_DESCs, I started talking to Joerg Schilling on this topic.
> >From rsharpe at ns.aus.com Fri Jul 12 21:37:16 2002
>
> >> >The initial goal is to simply be able to backup the NT SEC_DESC (ie, ACLs)
> >> >as a blob so it can be restored to the NT server.
> >>
> >> How does this look?
>
> >The SEC_DESC contains the Owner SID and the Primary Group SID of the Owner
> >of the file, along with the ACL, which can contain both positive ACEs
> >(allow) and negative ACEs (deny) as well as AUDIT and something else ACEs.
>
> Mmm, Audit entries on Solaris are kept in the shadow passwd file.
I think audit entries are similar to positive or negative ACEs, and simply
mean that if the specified user/group requested the specified access,
write a system log entry.
> Having denial ACLs makes it a bit more complex, but if at least the basic
> idea is the same as with POSIX, then it would be possible to add just two
> additional ACL descriptors to the TAR header:
>
> - Denial default entries (descending information starting from dirs)
>
> - Denial access entries
>
> These could just look (besides the label) the same as the existing entries.
That is a neat idea. That would make it work. We would want to record
user/group names as DOMAIN\name as well, and UID/GID does not necessarily
make sense.
> >Since NFS V4 contains something similar, there will be a growing need for
> >this.
>
> I did not have the time to read the NVS V4 specs. If Sun adds this, then there
> is a high probability, that Solaris 10 will support these things too.
>
> >> What is the difference?
>
> >Posix only has the concept of positive ACEs. It does not have negative or
> >system or audit ACEs.
>
> Could you exmplain what audit ACEs should look like and what they should do?
See above.
> >Translating them to text would allow system independent restores, so a
> >backup from a Windows NT/2K domain could be restored on an NFS V4 server,
> >or indeed on a system with POSIX ACLs with some loss of information.
>
> Not translating them to text could make archives a lot less portable.
Yes, it was simply mentioned as a first-cut stop-gap solution.
> >> BTW: how POSIX compliant is sbmtar? Did you run my compliance test
> >> that comes with star?
>
> >Never run it, so I don't know.
>
> Creating a ACL aware SMB backup could be done by either adding POSIX.1-2001
> support to smbclient, or by adding a smb access lib to (a specialized) star.
Hmmm, might be similar amounts of work in either case. Does star have a
library-feel for the code that writes headers/blocks to the archive?
There is a library in Samba that provides much of what you want but is
perhaps not so easy to use as yet.
I imagine that the ACLs are written as a header and block that contain the
ACL.
> Here are some numbers to help you with the decision:
>
> - I could write a POSIX.1-1990 (only) tar in two days.
> In fact, I did write a POSIX.1-1990 TAR archive conformance checker
> in one day ("tartest" from star-1.4.1 or star-1.5a05).
>
> - It took me > 2 weeks to add basic POSIX.1-2001 extended header support
> into star.
>
> - It took me 2 weeks to add Linux ACL support (made by Andreas
> Gruenbacher) and Solaris ACL support (made by me) to star.
>
> - I guess that it would take more than 2 months to add POSIX.1-2001
> basic extended header support into GNU tar.
>
> Jörg
Thank you for this information ... The discussion has been productive as
well.
Regards
-----
Richard Sharpe, rsharpe at ns.aus.com, rsharpe at samba.org,
sharpe at ethereal.com
More information about the samba-technical
mailing list