Bug 1052876

Summary: Handling of ACLs
Product: [Fedora] Fedora Reporter: M. Steinborn <gnugv_maintainer>
Component: tarAssignee: Ondrej Dubaj <odubaj>
Status: CLOSED RAWHIDE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: rawhideCC: cristian.ciupitu, kdudka, odubaj, ovasik, panovotn, praiskup, travneff
Target Milestone: ---Keywords: FutureFeature, Reopened
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-10-07 07:22:41 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 771927    
Attachments:
Description Flags
Suggested patch series
none
Patch rebased to tar 1.29 none

Description M. Steinborn 2014-01-14 09:43:32 UTC 
Created attachment 849828 [details]
Suggested patch series

Storing and restoring ACLs in tar archives should be improved:


(1) tar archive creation with "--numeric-owner" option:

In this case, users are expectiing that the archive does not contain any symbolic owner name, so it can be extracted to an emoty hard disc on a system bootet e. g. by a rescue cd from Redhat. Current sitation is that ACLs still include the symbolic owner and not the numeric owner.


This is quite trivial to fix:

Replace all ocurences of "val = acl_to_text(acl, &len);" by "val = acl_to_any_text(acl, 0, ',', ( numeric_owner_option?TEXT_NUMERIC_IDS:0));" and followed by "len=strlen(val);" after the "if (!val)" error-handling.



Effect: Numeric owner is stored.

I'd like to note that this improvement is essential to me.



(2a) tar archive creation without "--numeric-owner" option:

In GNU tar 1.26, for every file the owner is stored both, symbolic and numeric. I would expect that ACLs are stored in both ways, too. star shows us how to do that:


star stores the numeric owner in a forth field of an acl: (e.g. "u:msteinbo:rwx:500").




(2b) tar extract should use the 4th field (discussed in point 2) in presence of "-numeric-owner".


This together with point (2) enabled users to restore an backup created without numeric owner option on a clean hard disc without passwd entries for the users (let's assume that /etc/passwd is contained in the archive so the operation makes sense).

I'd like to mention that this point would increase star compatibility a lot.



(see also http://lists.gnu.org/archive/html/bug-tar/2013-03/msg00021.html
upstream maintainer "Paul Eggert" says in
http://lists.gnu.org/archive/html/bug-tar/2013-04/msg00024.html:
"That sort of thing all sounds reasonable, I guess. I'd like Sergey's opinion though.".

In the meantime, I have reworked the patches so that do not contain any code I do not have copyright for. 


The patches are made to apply on version "1.27.1-1.fc21".
Comment 1 Pavel Raiskup 2014-01-14 11:55:40 UTC 
[SKIP http://www.mail-archive.com/bug-tar@gnu.org/msg03971.html]

> (see also http://lists.gnu.org/archive/html/bug-tar/2013-03/msg00021.html
> upstream maintainer "Paul Eggert" says in
> http://lists.gnu.org/archive/html/bug-tar/2013-04/msg00024.html:
> "That sort of thing all sounds reasonable, I guess. I'd like Sergey's
> opinion though.".

Thanks for this bugreport and fixes (and making upstream aware).  I think that
the best approach is to make the patches upstream first.  So please wait at
least for upstream POV.
Comment 2 Pavel Raiskup 2016-05-31 06:17:15 UTC 
The crash is fixed upstream: 0a93c16c6299d4ea91f2eb04f8c997d7d58f9af8

Released in v1.29 (F25+).
Comment 3 M. Steinborn 2016-05-31 16:23:18 UTC 
Sorry, I cannot follow you. The commit fixes an unrelated problem. It has nothing to do with this bug report.
Comment 4 Pavel Raiskup 2016-06-01 06:05:08 UTC 
Oh, sorry Marcus, wrong bug.
Comment 5 Pavel Raiskup 2016-06-01 06:07:54 UTC 
I was about to close #866071.  Markus, while we touched this bug, what is the
status of upstream inclusion?  Can we ping a bit upstream?
Comment 6 M. Steinborn 2016-06-05 12:05:22 UTC 
Created attachment 1164879 [details]
Patch rebased to tar 1.29
Comment 7 Ondrej Dubaj 2021-10-07 07:22:41 UTC 
Issue fixed in rawhide.