Posix Extended headers ...
rsharpe at ns.aus.com
Mon Jul 15 11:50:00 GMT 2002
On Mon, 15 Jul 2002, Joerg Schilling wrote:
[Added Samba-technical so that this discussion can be recorded]
Preamble. Noting that star supports saving and restoring Posix ACLs for at
least Linux, and that Samba's libsmb now has routines to query and set
SEC_DESCs, I started talking to Joerg Schilling on this topic.
> >From rsharpe at ns.aus.com Fri Jul 12 21:37:16 2002
> >> >The initial goal is to simply be able to backup the NT SEC_DESC (ie, ACLs)
> >> >as a blob so it can be restored to the NT server.
> >> How does this look?
> >The SEC_DESC contains the Owner SID and the Primary Group SID of the Owner
> >of the file, along with the ACL, which can contain both positive ACEs
> >(allow) and negative ACEs (deny) as well as AUDIT and something else ACEs.
> Mmm, Audit entries on Solaris are kept in the shadow passwd file.
I think audit entries are similar to positive or negative ACEs, and simply
mean that if the specified user/group requested the specified access,
write a system log entry.
> Having denial ACLs makes it a bit more complex, but if at least the basic
> idea is the same as with POSIX, then it would be possible to add just two
> additional ACL descriptors to the TAR header:
> - Denial default entries (descending information starting from dirs)
> - Denial access entries
> These could just look (besides the label) the same as the existing entries.
That is a neat idea. That would make it work. We would want to record
user/group names as DOMAIN\name as well, and UID/GID does not necessarily
> >Since NFS V4 contains something similar, there will be a growing need for
> I did not have the time to read the NVS V4 specs. If Sun adds this, then there
> is a high probability, that Solaris 10 will support these things too.
> >> What is the difference?
> >Posix only has the concept of positive ACEs. It does not have negative or
> >system or audit ACEs.
> Could you exmplain what audit ACEs should look like and what they should do?
> >Translating them to text would allow system independent restores, so a
> >backup from a Windows NT/2K domain could be restored on an NFS V4 server,
> >or indeed on a system with POSIX ACLs with some loss of information.
> Not translating them to text could make archives a lot less portable.
Yes, it was simply mentioned as a first-cut stop-gap solution.
> >> BTW: how POSIX compliant is sbmtar? Did you run my compliance test
> >> that comes with star?
> >Never run it, so I don't know.
> Creating a ACL aware SMB backup could be done by either adding POSIX.1-2001
> support to smbclient, or by adding a smb access lib to (a specialized) star.
Hmmm, might be similar amounts of work in either case. Does star have a
library-feel for the code that writes headers/blocks to the archive?
There is a library in Samba that provides much of what you want but is
perhaps not so easy to use as yet.
I imagine that the ACLs are written as a header and block that contain the
> Here are some numbers to help you with the decision:
> - I could write a POSIX.1-1990 (only) tar in two days.
> In fact, I did write a POSIX.1-1990 TAR archive conformance checker
> in one day ("tartest" from star-1.4.1 or star-1.5a05).
> - It took me > 2 weeks to add basic POSIX.1-2001 extended header support
> into star.
> - It took me 2 weeks to add Linux ACL support (made by Andreas
> Gruenbacher) and Solaris ACL support (made by me) to star.
> - I guess that it would take more than 2 months to add POSIX.1-2001
> basic extended header support into GNU tar.
Thank you for this information ... The discussion has been productive as
Richard Sharpe, rsharpe at ns.aus.com, rsharpe at samba.org,
sharpe at ethereal.com
More information about the samba-technical