-Depends-On-Patch: acls.diff
-Depends-On-Patch: xattrs.diff
-
This patch adds a new option: --fake-super, which tells rsync to copy in a
fake super-user mode that stores various file attributes in an extended-
-attribute value instead of as real file-system attributes. The items
-affected are:
-
- mode the real mode of a file is always (666 & umask) while
- the real mode of a directory is always (777 & umask).
-
- rdev devices and special files are created as zero-length
- normal files.
-
- uid the real owner is always left unchanged.
-
- gid the real group is always left unchanged.
-
-A daemon can set "fake super = yes" in the rsync.conf file for any module
-that you'd like to run without root perms while pretending it has them (the
-client cannot affect this).
-
-The --fake-super option only affects the side where the option is used. To
-affect the remote side of a remote-shell connection, specify an rsync path:
-
- rsync -av --rsync-path='rsync --fake-super' /src/ host:/dest/
+attribute value instead of as real file-system attributes. See the changes
+to the manpages for details.
-For a local copy where you want to affect only one side or the other,
-you'll need to turn the copy into a remote copy to localhost.
-
-After applying this patch, run these commands for a successful build:
+To use this patch, run these commands for a successful build:
+ patch -p1 <patches/acls.diff
+ patch -p1 <patches/xattrs.diff
+ patch -p1 <patches/fake-super.diff
./prepare-source
- ./configure
+ ./configure --enable-xattr-support
make
---- old/Makefile.in
-+++ new/Makefile.in
-@@ -41,7 +41,7 @@ popt_OBJS=popt/findme.o popt/popt.o po
- popt/popthelp.o popt/poptparse.o
- OBJS=$(OBJS1) $(OBJS2) $(OBJS3) $(DAEMON_OBJ) $(LIBOBJ) $(ZLIBOBJ) @BUILD_POPT@
-
--TLS_OBJ = tls.o syscall.o lib/compat.o lib/snprintf.o lib/permstring.o
-+TLS_OBJ = tls.o syscall.o lib/compat.o lib/snprintf.o lib/permstring.o lib/sysxattr.o
-
- # Programs we must have to run the test cases
- CHECK_PROGS = rsync$(EXEEXT) tls$(EXEEXT) getgroups$(EXEEXT) getfsdev$(EXEEXT) \
-@@ -83,11 +83,11 @@ getgroups$(EXEEXT): getgroups.o
- getfsdev$(EXEEXT): getfsdev.o
- $(CC) $(CFLAGS) $(LDFLAGS) -o $@ getfsdev.o $(LIBS)
-
--TRIMSLASH_OBJ = trimslash.o syscall.o lib/compat.o lib/snprintf.o
-+TRIMSLASH_OBJ = trimslash.o syscall.o lib/compat.o lib/snprintf.o lib/sysxattr.o
- trimslash$(EXEEXT): $(TRIMSLASH_OBJ)
- $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(TRIMSLASH_OBJ) $(LIBS)
-
--T_UNSAFE_OBJ = t_unsafe.o syscall.o util.o t_stub.o lib/compat.o lib/snprintf.o
-+T_UNSAFE_OBJ = t_unsafe.o syscall.o util.o t_stub.o lib/compat.o lib/snprintf.o lib/sysxattr.o
- t_unsafe$(EXEEXT): $(T_UNSAFE_OBJ)
- $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(T_UNSAFE_OBJ) $(LIBS)
+If you want ACL support too, use this configure command instead of the one
+above:
+
+ ./configure --enable-acl-support --enable-xattr-support
+
+--- old/backup.c
++++ new/backup.c
+@@ -128,7 +128,7 @@ static int make_bak_dir(char *fullpath)
+ if (p >= rel) {
+ /* Try to transfer the directory settings of the
+ * actual dir that the files are coming from. */
+- if (do_stat(rel, &sx.st) < 0) {
++ if (x_stat(rel, &sx.st, NULL) < 0) {
+ rsyserr(FERROR, errno,
+ "make_bak_dir stat %s failed",
+ full_fname(rel));
+@@ -199,7 +199,7 @@ static int keep_backup(const char *fname
+ int ret_code;
+ /* return if no file to keep */
+- if (do_lstat(fname, &sx.st) < 0)
++ if (x_lstat(fname, &sx.st, NULL) < 0)
+ return 1;
+ #ifdef SUPPORT_ACLS
+ sx.acc_acl = sx.def_acl = NULL;
--- old/clientserver.c
+++ new/clientserver.c
-@@ -625,6 +625,11 @@ static int rsync_module(int f_in, int f_
+@@ -627,6 +627,11 @@ static int rsync_module(int f_in, int f_
ret = parse_arguments(&argc, (const char ***) &argv, 0);
quiet = 0; /* Don't let someone try to be tricky. */
if (filesfrom_fd == 0)
filesfrom_fd = f_in;
---- old/generator.c
-+++ new/generator.c
-@@ -1510,13 +1510,14 @@ void generate_files(int f_out, struct fi
- recv_generator(fbuf, file, i, itemizing, maybe_ATTRS_REPORT,
- code, f_out);
+--- old/flist.c
++++ new/flist.c
+@@ -193,7 +193,7 @@ static int readlink_stat(const char *pat
+ }
+ return 0;
+ #else
+- return do_stat(path, stp);
++ return x_stat(path, stp, NULL);
+ #endif
+ }
-- /* We need to ensure that any dirs we create have writeable
-+ /* We need to ensure that any dirs we create have rwx
- * permissions during the time we are putting files within
- * them. This is then fixed after the transfer is done. */
- #ifdef HAVE_CHMOD
-- if (!am_root && S_ISDIR(file->mode) && !(file->mode & S_IWUSR)
-+ if (am_root <= 0 && S_ISDIR(file->mode)
-+ && (file->mode & S_IRWXU) != S_IRWXU
- && dir_tweaking) {
-- mode_t mode = file->mode | S_IWUSR; /* user write */
-+ mode_t mode = file->mode | S_IRWXU; /* user rwx */
- char *fname = local_name ? local_name : fbuf;
- if (do_chmod(fname, mode) < 0) {
- rsyserr(FERROR, errno,
+@@ -201,17 +201,17 @@ int link_stat(const char *path, STRUCT_S
+ {
+ #ifdef SUPPORT_LINKS
+ if (copy_links)
+- return do_stat(path, stp);
+- if (do_lstat(path, stp) < 0)
++ return x_stat(path, stp, NULL);
++ if (x_lstat(path, stp, NULL) < 0)
+ return -1;
+ if (follow_dirlinks && S_ISLNK(stp->st_mode)) {
+ STRUCT_STAT st;
+- if (do_stat(path, &st) == 0 && S_ISDIR(st.st_mode))
++ if (x_stat(path, &st, NULL) == 0 && S_ISDIR(st.st_mode))
+ *stp = st;
+ }
+ return 0;
+ #else
+- return do_stat(path, stp);
++ return x_stat(path, stp, NULL);
+ #endif
+ }
+
+@@ -246,26 +246,6 @@ static int is_excluded(char *fname, int
+ return 0;
+ }
+
+-static int to_wire_mode(mode_t mode)
+-{
+-#ifdef SUPPORT_LINKS
+-#if _S_IFLNK != 0120000
+- if (S_ISLNK(mode))
+- return (mode & ~(_S_IFMT)) | 0120000;
+-#endif
+-#endif
+- return mode;
+-}
+-
+-static mode_t from_wire_mode(int mode)
+-{
+-#if _S_IFLNK != 0120000
+- if ((mode & (_S_IFMT)) == 0120000)
+- return (mode & ~(_S_IFMT)) | _S_IFLNK;
+-#endif
+- return mode;
+-}
+-
+ static void send_directory(int f, struct file_list *flist,
+ char *fbuf, int len);
+
+@@ -814,7 +794,7 @@ struct file_struct *make_file(const char
+ if (save_errno == ENOENT) {
+ #ifdef SUPPORT_LINKS
+ /* Avoid "vanished" error if symlink points nowhere. */
+- if (copy_links && do_lstat(thisname, &st) == 0
++ if (copy_links && x_lstat(thisname, &st, NULL) == 0
+ && S_ISLNK(st.st_mode)) {
+ io_error |= IOERR_GENERAL;
+ rprintf(FERROR, "symlink has no referent: %s\n",
+@@ -982,7 +962,7 @@ struct file_struct *make_file(const char
+ int save_mode = file->mode;
+ file->mode = S_IFDIR; /* Find a directory with our name. */
+ if (flist_find(the_file_list, file) >= 0
+- && do_stat(thisname, &st2) == 0 && S_ISDIR(st2.st_mode)) {
++ && x_stat(thisname, &st2, NULL) == 0 && S_ISDIR(st2.st_mode)) {
+ file->modtime = st2.st_mtime;
+ file->len32 = 0;
+ file->mode = st2.st_mode;
--- old/loadparm.c
+++ new/loadparm.c
@@ -150,6 +150,7 @@ typedef struct
FN_LOCAL_BOOL(lp_ignore_errors, ignore_errors)
FN_LOCAL_BOOL(lp_ignore_nonreadable, ignore_nonreadable)
FN_LOCAL_BOOL(lp_list, list)
-@@ -816,7 +820,7 @@ BOOL lp_load(char *pszFname, int globals
+@@ -815,7 +819,7 @@ BOOL lp_load(char *pszFname, int globals
if (pszFname)
pstrcpy(n2,pszFname);
int do_compression = 0;
int def_compress_level = Z_DEFAULT_COMPRESSION;
-int am_root = 0;
-+int am_root = 0; /* 0 = normal, 1 = super, 2 = --super, -1 = --fake-super */
++int am_root = 0; /* 0 = normal, 1 = root, 2 = --super, -1 = --fake-super */
int am_server = 0;
int am_sender = 0;
int am_generator = 0;
-@@ -330,6 +330,7 @@ void usage(enum logcode F)
+@@ -326,6 +326,9 @@ void usage(enum logcode F)
rprintf(F," -t, --times preserve times\n");
rprintf(F," -O, --omit-dir-times omit directories when preserving times\n");
rprintf(F," --super receiver attempts super-user activities\n");
-+ rprintf(F," --fake-super fake root by storing/reading ownership/etc in EAs\n");
++#ifdef SUPPORT_XATTRS
++ rprintf(F," --fake-super store/recover privileged attrs using xattrs\n");
++#endif
rprintf(F," -S, --sparse handle sparse files efficiently\n");
rprintf(F," -n, --dry-run show what would have been transferred\n");
rprintf(F," -W, --whole-file copy files whole (without rsync algorithm)\n");
-@@ -454,6 +455,7 @@ static struct poptOption long_options[]
+@@ -451,6 +454,7 @@ static struct poptOption long_options[]
{"modify-window", 0, POPT_ARG_INT, &modify_window, OPT_MODIFY_WINDOW, 0, 0 },
{"super", 0, POPT_ARG_VAL, &am_root, 2, 0, 0 },
{"no-super", 0, POPT_ARG_VAL, &am_root, 0, 0, 0 },
{"owner", 'o', POPT_ARG_VAL, &preserve_uid, 1, 0, 0 },
{"no-owner", 0, POPT_ARG_VAL, &preserve_uid, 0, 0, 0 },
{"no-o", 0, POPT_ARG_VAL, &preserve_uid, 0, 0, 0 },
+@@ -1177,6 +1181,14 @@ int parse_arguments(int *argc, const cha
+ }
+ #endif
+
++#ifndef SUPPORT_XATTRS
++ if (am_root < 0) {
++ snprintf(err_buf, sizeof err_buf,
++ "--fake-super requires an rsync with extended attributes enabled\n");
++ return 0;
++ }
++#endif
++
+ if (write_batch && read_batch) {
+ snprintf(err_buf, sizeof err_buf,
+ "--write-batch and --read-batch can not be used together\n");
--- old/rsync.c
+++ new/rsync.c
-@@ -197,7 +197,9 @@ int set_file_attrs(char *fname, struct f
- (long)sxp->st.st_gid, (long)file->gid);
+@@ -249,7 +249,9 @@ int set_file_attrs(char *fname, struct f
+ (long)sxp->st.st_gid, (long)F_GID(file));
}
}
- if (do_lchown(fname,
-+ if (am_root < 0)
++ if (am_root < 0) {
+ ;
-+ else if (do_lchown(fname,
- change_uid ? file->uid : sxp->st.st_uid,
- change_gid ? file->gid : sxp->st.st_gid) != 0) {
++ } else if (do_lchown(fname,
+ change_uid ? F_UID(file) : sxp->st.st_uid,
+ change_gid ? F_GID(file) : sxp->st.st_gid) != 0) {
/* shouldn't have attempted to change uid or gid
-@@ -206,7 +208,7 @@ int set_file_attrs(char *fname, struct f
+@@ -258,7 +260,7 @@ int set_file_attrs(char *fname, struct f
change_uid ? "chown" : "chgrp",
full_fname(fname));
goto cleanup;
/* a lchown had been done - we have to re-stat if the
* destination had the setuid or setgid bits set due
* to the side effect of the chown call */
-@@ -237,7 +239,15 @@ int set_file_attrs(char *fname, struct f
+@@ -275,6 +277,8 @@ int set_file_attrs(char *fname, struct f
+ #ifdef SUPPORT_XATTRS
+ if (preserve_xattrs && set_xattr(fname, file, sxp) == 0)
+ updated = 1;
++ if (am_root < 0)
++ set_stat_xattr(fname, file);
+ #endif
+ #ifdef SUPPORT_ACLS
+ /* It's OK to call set_acl() now, even for a dir, as the generator
+@@ -289,7 +293,7 @@ int set_file_attrs(char *fname, struct f
#ifdef HAVE_CHMOD
- if ((sxp->st.st_mode & CHMOD_BITS) != (new_mode & CHMOD_BITS)) {
+ if (!BITS_EQUAL(sxp->st.st_mode, new_mode, CHMOD_BITS)) {
- int ret = do_chmod(fname, new_mode);
-+ int ret;
-+ if (am_root < 0) {
-+ mode_t mode = 0666 & ~orig_umask;
-+ if ((sxp->st.st_mode & CHMOD_BITS) != mode)
-+ ret = do_chmod(fname, mode);
-+ else
-+ ret = 0;
-+ } else
-+ ret = do_chmod(fname, new_mode);
++ int ret = am_root < 0 ? 0 : do_chmod(fname, new_mode);
if (ret < 0) {
rsyserr(FERROR, errno,
"failed to set permissions on %s",
-@@ -249,6 +259,23 @@ int set_file_attrs(char *fname, struct f
- }
+--- old/rsync.h
++++ new/rsync.h
+@@ -751,6 +751,12 @@ typedef struct {
+
+ #include "proto.h"
+
++#ifndef SUPPORT_XATTRS
++#define x_stat(fn,fst,xst) do_stat(fn,fst)
++#define x_lstat(fn,fst,xst) do_lstat(fn,fst)
++#define x_fstat(fd,fst,xst) do_fstat(fd,fst)
++#endif
++
+ /* We have replacement versions of these if they're missing. */
+ #ifndef HAVE_ASPRINTF
+ int asprintf(char **ptr, const char *format, ...);
+@@ -969,6 +975,26 @@ int inet_pton(int af, const char *src, v
+ const char *get_panic_action(void);
#endif
-+ if (am_root < 0) {
-+ switch (set_stat_xattr(fname, file)) {
-+ case 0:
-+ break;
-+ case -1:
-+ rsyserr(FERROR, errno,
-+ "write of stat xattr failed for %s",
-+ full_fname(fname));
-+ break;
-+ case -2:
-+ rsyserr(FERROR, errno,
-+ "delete of stat xattr failed for %s",
-+ full_fname(fname));
-+ break;
-+ }
-+ }
++static inline int to_wire_mode(mode_t mode)
++{
++#ifdef SUPPORT_LINKS
++#if _S_IFLNK != 0120000
++ if (S_ISLNK(mode))
++ return (mode & ~(_S_IFMT)) | 0120000;
++#endif
++#endif
++ return mode;
++}
+
- if (verbose > 1 && flags & ATTRS_REPORT) {
- if (updated)
- rprintf(FCLIENT, "%s\n", fname);
---- old/rsync.h
-+++ new/rsync.h
-@@ -35,6 +35,8 @@
++static inline mode_t from_wire_mode(int mode)
++{
++#if _S_IFLNK != 0120000
++ if ((mode & (_S_IFMT)) == 0120000)
++ return (mode & ~(_S_IFMT)) | _S_IFLNK;
++#endif
++ return mode;
++}
++
+ static inline int
+ isDigit(const char *ptr)
+ {
+--- old/rsync.yo
++++ new/rsync.yo
+@@ -333,6 +333,7 @@ to the detailed description below for a
+ -t, --times preserve times
+ -O, --omit-dir-times omit directories when preserving times
+ --super receiver attempts super-user activities
++ --fake-super store/recover privileged attrs using xattrs
+ -S, --sparse handle sparse files efficiently
+ -n, --dry-run show what would have been transferred
+ -W, --whole-file copy files whole (without rsync algorithm)
+@@ -847,7 +848,7 @@ permission value can be applied to the f
+ dit(bf(-o, --owner)) This option causes rsync to set the owner of the
+ destination file to be the same as the source file, but only if the
+ receiving rsync is being run as the super-user (see also the bf(--super)
+-option to force rsync to attempt super-user activities).
++and bf(--fake-super) options).
+ Without this option, the owner is set to the invoking user on the
+ receiving side.
- #define BACKUP_SUFFIX "~"
+@@ -870,7 +871,7 @@ default, but may fall back to using the
+ dit(bf(--devices)) This option causes rsync to transfer character and
+ block device files to the remote system to recreate these devices.
+ This option has no effect if the receiving rsync is not run as the
+-super-user and bf(--super) is not specified.
++super-user (see also the bf(--super) and bf(--fake-super) options).
-+#define FAKE_XATTR "user.rsync%stat"
+ dit(bf(--specials)) This option causes rsync to transfer special files
+ such as named sockets and fifos.
+@@ -900,6 +901,33 @@ also for ensuring that you will get erro
+ being running as the super-user. To turn off super-user activities, the
+ super-user can use bf(--no-super).
+
++dit(bf(--fake-super)) When this option is enabled, rsync simulates
++super-user activities by saving/restoring the privileged attributes via a
++special extended attribute that is attached to each file (as needed). This
++includes the file's owner and group (if it is not the default), the file's
++device info (device & special files are created as empty text files), and
++any permission bits that we won't allow to be set on the real file (e.g.
++the real file gets u-s,g-s,o-t for safety) or that would limit the owner's
++access (since the real super-user can always access/change a file or
++directory, the files we create can always be accessed/changed by the
++creating user).
++
++The bf(--fake-super) option only affects the side where the option is used.
++To affect the remote side of a remote-shell connection, specify an rsync
++path:
++
++quote(tt( rsync -av --rsync-path="rsync --fake-super" /src/ host:/dest/))
++
++Since there is only one "side" in a local copy, this option affects both
++the sending and recieving of files. You'll need to specify a copy using
++"localhost" if you need to avoid this. Note, however, that it is always
++safe to copy from some non-fake-super files into some fake-super files
++using a local bf(--fake-super) command because the non-fake source files
++will just have their normal attributes.
++
++See also the "fake super" setting in the daemon's rsyncd.conf file.
++This option is overridden by both bf(--super) and bf(--no-super).
+
- /* a non-zero CHAR_OFFSET makes the rolling sum stronger, but is
- incompatible with older versions :-( */
- #define CHAR_OFFSET 0
+ dit(bf(-S, --sparse)) Try to handle sparse files efficiently so they take
+ up less space on the destination. Conflicts with bf(--inplace) because it's
+ not possible to overwrite data in a sparse fashion.
+--- old/rsyncd.conf.yo
++++ new/rsyncd.conf.yo
+@@ -226,6 +226,11 @@ file transfers to and from that module s
+ was run as root. This complements the "uid" option. The default is gid -2,
+ which is normally the group "nobody".
+
++dit(bf(fake super)) Setting "fake super = yes" for a module causes the
++daemon side to behave as if the bf(--fake-user) command-line option had
++been specified. This allows the full attributes of a file to be stored
++without having to have the daemon actually running as root.
++
+ dit(bf(filter)) The "filter" option allows you to specify a space-separated
+ list of filter rules that the daemon will not allow to be read or written.
+ This is only superficially equivalent to the client specifying these
--- old/syscall.c
+++ new/syscall.c
-@@ -22,12 +22,14 @@
- */
-
- #include "rsync.h"
-+#include "lib/sysxattr.h"
-
- #if !defined MKNOD_CREATES_SOCKETS && defined HAVE_SYS_UN_H
- #include <sys/un.h>
+@@ -28,6 +28,7 @@
#endif
extern int dry_run;
extern int read_only;
extern int list_only;
extern int preserve_perms;
-@@ -79,6 +81,15 @@ int do_mknod(char *pathname, mode_t mode
+@@ -79,6 +80,15 @@ int do_mknod(const char *pathname, mode_
{
if (dry_run) return 0;
RETURN_ERROR_IF_RO_OR_LO;
#if !defined MKNOD_CREATES_FIFOS && defined HAVE_MKFIFO
if (S_ISFIFO(mode))
return mkfifo(pathname, mode);
-@@ -215,23 +226,98 @@ int do_mkstemp(char *template, mode_t pe
- #endif
- }
-
-+int get_stat_xattr(const char *fname, STRUCT_STAT *st)
-+{
-+ int mode, rdev_major, rdev_minor, uid, gid, len;
-+ char buf[256];
-+
-+ len = sys_lgetxattr(fname, FAKE_XATTR, buf, sizeof buf - 1);
-+ if (len < 0 || len >= (int)sizeof buf) {
-+ if (errno == ENOTSUP || errno == ENOATTR)
-+ return -1;
-+ return -1;
-+ }
-+ buf[len] = '\0';
-+
-+ if (sscanf(buf, "%o %d,%d %d:%d",
-+ &mode, &rdev_major, &rdev_minor, &uid, &gid) != 5) {
-+ errno = EINVAL;
-+ return -1;
-+ }
-+
-+ st->st_mode = mode;
-+ st->st_rdev = MAKEDEV(rdev_major, rdev_minor);
-+ st->st_uid = uid;
-+ st->st_gid = gid;
-+
-+ return 0;
-+}
-+
-+int set_stat_xattr(const char *fname, struct file_struct *file)
-+{
-+ STRUCT_STAT fst, xst;
-+ int have_xattr;
-+ dev_t rdev;
-+ if (dry_run) return 0;
-+ RETURN_ERROR_IF_RO_OR_LO;
-+
-+ am_root = 2; /* get real stat() w/o xattr overlay */
-+ do_stat(fname, &fst);
-+ am_root = -1;
-+ have_xattr = get_stat_xattr(fname, &xst) == 0;
-+
-+ if (IS_DEVICE(file->mode) || IS_SPECIAL(file->mode))
-+ rdev = file->u.rdev;
-+ else
-+ rdev = 0;
-+ if (!IS_DEVICE(fst.st_mode) && !IS_SPECIAL(fst.st_mode))
-+ fst.st_rdev = 0; /* just in case */
-+
-+ if (fst.st_mode == file->mode && fst.st_rdev == rdev
-+ && fst.st_uid == file->uid && fst.st_gid == file->gid) {
-+ if (have_xattr && sys_lremovexattr(fname, FAKE_XATTR) < 0)
-+ return -2;
-+ return 0;
-+ }
-+
-+ if (!have_xattr
-+ || xst.st_mode != file->mode || xst.st_rdev != rdev
-+ || xst.st_uid != file->uid || xst.st_gid != file->gid) {
-+ char buf[256];
-+ int len = snprintf(buf, sizeof buf, "%o %u,%u %u:%u",
-+ (int)file->mode,
-+ (int)major(rdev), (int)minor(rdev),
-+ (int)file->uid, (int)file->gid);
-+ return sys_lsetxattr(fname, FAKE_XATTR, buf, len, 0);
-+ }
-+ return 0;
-+}
-+
- int do_stat(const char *fname, STRUCT_STAT *st)
- {
-+ int ret;
- #ifdef USE_STAT64_FUNCS
-- return stat64(fname, st);
-+ ret = stat64(fname, st);
- #else
-- return stat(fname, st);
-+ ret = stat(fname, st);
- #endif
-+ if (am_root < 0 && ret == 0)
-+ get_stat_xattr(fname, st);
-+ return ret;
- }
-
- int do_lstat(const char *fname, STRUCT_STAT *st)
- {
- #ifdef SUPPORT_LINKS
-+ int ret;
- # ifdef USE_STAT64_FUNCS
-- return lstat64(fname, st);
-+ ret = lstat64(fname, st);
- # else
-- return lstat(fname, st);
-+ ret = lstat(fname, st);
- # endif
-+ if (am_root < 0 && ret == 0)
-+ get_stat_xattr(fname, st);
-+ return ret;
- #else
- return do_stat(fname, st);
- #endif
--- old/t_unsafe.c
+++ new/t_unsafe.c
@@ -24,7 +24,11 @@
/* These are to make syscall.o shut up. */
int dry_run = 0;
-+int am_root = 0; /* TODO: add option to set this to -1. */
++int am_root = 0;
int read_only = 1;
int list_only = 0;
int preserve_perms = 0;
int preserve_perms = 0;
--- old/xattr.c
+++ new/xattr.c
-@@ -26,6 +26,7 @@
- #ifdef SUPPORT_XATTRS
-
- extern int dry_run;
-+extern int am_root;
+@@ -30,6 +30,9 @@ extern int am_root;
+ extern int read_only;
+ extern int list_only;
+ extern int preserve_xattrs;
++extern int preserve_uid;
++extern int preserve_gid;
++extern int flist_extra_ndx;
extern unsigned int file_struct_len;
#define RSYNC_XAL_INITIAL 5
-@@ -130,9 +131,15 @@ static int rsync_xal_get(const char *fna
- if (name_size == 0)
- return 0;
- for (left = name_size, name = namebuf; left > 0 ; left -= len, name += len) {
-- rsync_xa *rxas = EXPAND_ITEM_LIST(xalp, rsync_xa, RSYNC_XAL_INITIAL);
-+ rsync_xa *rxas;
+@@ -44,11 +47,16 @@ extern unsigned int file_struct_len;
+ #define SPRE_LEN ((int)sizeof SYSTEM_PREFIX - 1)
- len = strlen(name) + 1;
-+ if (am_root < 0 && len == sizeof FAKE_XATTR
-+ && name[10] == '%' && strcmp(name, FAKE_XATTR) == 0)
-+ continue;
+ #ifdef HAVE_LINUX_XATTRS
+-#define RPRE_LEN 0
++#define MIGHT_NEED_RPRE (am_root < 0)
++#define RSYNC_PREFIX USER_PREFIX "rsync."
+ #else
++#define MIGHT_NEED_RPRE am_root
+ #define RSYNC_PREFIX "rsync."
+-#define RPRE_LEN ((int)sizeof RSYNC_PREFIX - 1)
+ #endif
++#define RPRE_LEN ((int)sizeof RSYNC_PREFIX - 1)
+
-+ rxas = EXPAND_ITEM_LIST(xalp, rsync_xa, RSYNC_XAL_INITIAL);
++#define XSTAT_ATTR RSYNC_PREFIX "%stat"
++#define XSTAT_LEN ((int)sizeof XSTAT_ATTR - 1)
+
+ typedef struct {
+ char *datum, *name;
+@@ -149,6 +157,10 @@ static int rsync_xal_get(const char *fna
+ continue;
+ #endif
+
++ if (am_root < 0 && name_len == XSTAT_LEN + 1
++ && name[RPRE_LEN] == '%' && strcmp(name, XSTAT_ATTR) == 0)
++ continue;
+
- datum_size = sys_lgetxattr(fname, name, NULL, 0);
- if (datum_size < 0) {
+ datum_len = sys_lgetxattr(fname, name, NULL, 0);
+ if (datum_len < 0) {
if (errno == ENOTSUP)
-@@ -285,10 +292,19 @@ void receive_xattr(struct file_struct *f
- out_of_memory("receive_xattr");
- read_buf(f, ptr, name_len);
- read_buf(f, ptr + name_len, datum_len);
-+
-+ if (am_root < 0 && name_len == sizeof FAKE_XATTR
-+ && ptr[10] == '%' && strcmp(ptr, FAKE_XATTR) == 0) {
+@@ -178,6 +190,13 @@ static int rsync_xal_get(const char *fna
+ return -1;
+ }
+ }
++#ifdef HAVE_LINUX_XATTRS
++ if (am_root < 0 && name_len > RPRE_LEN
++ && HAS_PREFIX(name, RSYNC_PREFIX)) {
++ name += RPRE_LEN;
++ name_len -= RPRE_LEN;
++ }
++#endif
+ rxas = EXPAND_ITEM_LIST(xalp, rsync_xa, RSYNC_XAL_INITIAL);
+ rxas->name = ptr + datum_len;
+ rxas->datum = ptr;
+@@ -298,13 +317,9 @@ void receive_xattr(struct file_struct *f
+ rsync_xa *rxa;
+ size_t name_len = read_int(f);
+ size_t datum_len = read_int(f);
+-#ifdef HAVE_LINUX_XATTRS
+- size_t extra_len = 0;
+-#else
+- size_t extra_len = am_root ? RPRE_LEN : 0;
++ size_t extra_len = MIGHT_NEED_RPRE ? RPRE_LEN : 0;
+ if (datum_len + extra_len < datum_len)
+ out_of_memory("receive_xattr"); /* overflow */
+-#endif
+ if (name_len + datum_len + extra_len < name_len)
+ out_of_memory("receive_xattr"); /* overflow */
+ ptr = new_array(char, name_len + datum_len + extra_len);
+@@ -315,9 +330,14 @@ void receive_xattr(struct file_struct *f
+ read_buf(f, ptr, datum_len);
+ #ifdef HAVE_LINUX_XATTRS
+ /* Non-root can only save the user namespace. */
+- if (!am_root && !HAS_PREFIX(name, USER_PREFIX)) {
+- free(ptr);
+- continue;
++ if (am_root <= 0 && !HAS_PREFIX(name, USER_PREFIX)) {
++ if (!am_root) {
++ free(ptr);
++ continue;
++ }
++ name -= RPRE_LEN;
++ name_len += RPRE_LEN;
++ memcpy(name, RSYNC_PREFIX, RPRE_LEN);
+ }
+ #else
+ /* This OS only has a user namespace, so we either
+@@ -335,6 +355,12 @@ void receive_xattr(struct file_struct *f
+ continue;
+ }
+ #endif
++ if (am_root < 0 && name_len == XSTAT_LEN + 1
++ && name[RPRE_LEN] == '%'
++ && strcmp(name, XSTAT_ATTR) == 0) {
+ free(ptr);
-+ temp_xattr.count--;
+ continue;
+ }
+ rxa = EXPAND_ITEM_LIST(&temp_xattr, rsync_xa, count);
+ rxa->name = name;
+ rxa->datum = ptr;
+@@ -412,4 +438,149 @@ int set_xattr(const char *fname, const s
+ return rsync_xal_set(fname, lst + ndx); /* TODO: This needs to return 1 if no xattrs changed! */
+ }
+
++int get_stat_xattr(const char *fname, int fd, STRUCT_STAT *fst, STRUCT_STAT *xst)
++{
++ int mode, rdev_major, rdev_minor, uid, gid, len;
++ char buf[256];
++
++ if (am_root >= 0 || IS_DEVICE(fst->st_mode) || IS_SPECIAL(fst->st_mode))
++ return -1;
++
++ if (xst)
++ *xst = *fst;
++ else
++ xst = fst;
++ if (fname) {
++ fd = -1;
++ len = sys_lgetxattr(fname, XSTAT_ATTR, buf, sizeof buf - 1);
++ } else {
++ fname = "fd";
++ len = sys_fgetxattr(fd, XSTAT_ATTR, buf, sizeof buf - 1);
++ }
++ if (len >= (int)sizeof buf) {
++ len = -1;
++ errno = ERANGE;
++ }
++ if (len < 0) {
++ if (errno == ENOTSUP || errno == ENOATTR)
++ return -1;
++ if (errno == EPERM && S_ISLNK(fst->st_mode)) {
++ xst->st_uid = 0;
++ xst->st_gid = 0;
++ return 0;
++ }
++ rsyserr(FERROR, errno, "failed to read xattr %s for %s",
++ XSTAT_ATTR, full_fname(fname));
++ return -1;
++ }
++ buf[len] = '\0';
++
++ if (sscanf(buf, "%o %d,%d %d:%d",
++ &mode, &rdev_major, &rdev_minor, &uid, &gid) != 5) {
++ rprintf(FERROR, "Corrupt %s xattr attached to %s: \"%s\"\n",
++ XSTAT_ATTR, full_fname(fname), buf);
++ exit_cleanup(RERR_FILEIO);
++ }
++
++ xst->st_mode = from_wire_mode(mode);
++ xst->st_rdev = MAKEDEV(rdev_major, rdev_minor);
++ xst->st_uid = uid;
++ xst->st_gid = gid;
+
- rxa->name_len = name_len;
- rxa->datum_len = datum_len;
- rxa->name = ptr;
- rxa->datum = ptr + name_len;
++ return 0;
++}
++
++int set_stat_xattr(const char *fname, struct file_struct *file)
++{
++ STRUCT_STAT fst, xst;
++ dev_t rdev;
++ mode_t mode, fmode;
++
++ if (dry_run)
++ return 0;
++
++ if (read_only || list_only) {
++ rsyserr(FERROR, EROFS, "failed to write xattr %s for %s",
++ XSTAT_ATTR, full_fname(fname));
++ return -1;
++ }
++
++ if (x_lstat(fname, &fst, &xst) < 0) {
++ rsyserr(FERROR, errno, "failed to re-stat %s",
++ full_fname(fname));
++ return -1;
++ }
++
++ fst.st_mode &= (_S_IFMT | CHMOD_BITS);
++ fmode = file->mode & (_S_IFMT | CHMOD_BITS);
++
++ if (IS_DEVICE(fmode) || IS_SPECIAL(fmode))
++ rdev = MAKEDEV(F_DMAJOR(file), F_DMINOR(file));
++ else
++ rdev = 0;
++
++ /* Dump the special permissions and enable full owner access. */
++ mode = (fst.st_mode & _S_IFMT) | (fmode & ACCESSPERMS)
++ | (S_ISDIR(fst.st_mode) ? 0700 : 0600);
++ if (fst.st_mode != mode)
++ do_chmod(fname, mode);
++ if (!IS_DEVICE(fst.st_mode) && !IS_SPECIAL(fst.st_mode))
++ fst.st_rdev = 0; /* just in case */
++
++ if (mode == fmode && fst.st_rdev == rdev
++ && fst.st_uid == F_UID(file) && fst.st_gid == F_GID(file)) {
++ /* xst.st_mode will be 0 if there's no current stat xattr */
++ if (xst.st_mode && sys_lremovexattr(fname, XSTAT_ATTR) < 0) {
++ rsyserr(FERROR, errno,
++ "delete of stat xattr failed for %s",
++ full_fname(fname));
++ return -1;
++ }
++ return 0;
++ }
++
++ if (xst.st_mode != fmode || xst.st_rdev != rdev
++ || xst.st_uid != F_UID(file) || xst.st_gid != F_GID(file)) {
++ char buf[256];
++ int len = snprintf(buf, sizeof buf, "%o %u,%u %u:%u",
++ to_wire_mode(fmode),
++ (int)major(rdev), (int)minor(rdev),
++ (int)F_UID(file), (int)F_GID(file));
++ if (sys_lsetxattr(fname, XSTAT_ATTR, buf, len) < 0) {
++ if (errno == EPERM && S_ISLNK(fst.st_mode))
++ return 0;
++ rsyserr(FERROR, errno,
++ "failed to write xattr %s for %s",
++ XSTAT_ATTR, full_fname(fname));
++ return -1;
++ }
++ }
++
++ return 0;
++}
++
++int x_stat(const char *fname, STRUCT_STAT *fst, STRUCT_STAT *xst)
++{
++ int ret = do_stat(fname, fst);
++ if ((ret < 0 || get_stat_xattr(fname, -1, fst, xst) < 0) && xst)
++ xst->st_mode = 0;
++ return ret;
++}
++
++int x_lstat(const char *fname, STRUCT_STAT *fst, STRUCT_STAT *xst)
++{
++ int ret = do_lstat(fname, fst);
++ if ((ret < 0 || get_stat_xattr(fname, -1, fst, xst) < 0) && xst)
++ xst->st_mode = 0;
++ return ret;
++}
++
++int x_fstat(int fd, STRUCT_STAT *fst, STRUCT_STAT *xst)
++{
++ int ret = do_fstat(fd, fst);
++ if ((ret < 0 || get_stat_xattr(NULL, fd, fst, xst) < 0) && xst)
++ xst->st_mode = 0;
++ return ret;
++}
+
- #ifdef HAVE_OSX_XATTRS
- if (strncmp(rxa->name, unique_prefix, upre_len) == 0) {
- rxa->name_len -= upre_len;
+ #endif /* SUPPORT_XATTRS */
git.samba.org / rsync-patches.git / blobdiff