From: Wolfgang Bumiller <w.bumiller@proxmox.com>
To: Markus Frank <m.frank@proxmox.com>
Cc: pbs-devel@lists.proxmox.com
Subject: Re: [pbs-devel] [PATCH proxmox-backup 2/3] skip xattr/acl/ownership options
Date: Wed, 17 Aug 2022 09:36:35 +0200 [thread overview]
Message-ID: <20220817073635.ptxqfvesta4udyvf@casey.proxmox.com> (raw)
In-Reply-To: <20220816091929.26309-3-m.frank@proxmox.com>
On Tue, Aug 16, 2022 at 11:19:28AM +0200, Markus Frank wrote:
> added cases to skip xattr/acl/ownership if the flags are not set.
> Also added WITH_PERMISSIONS to Default-Flags, because otherwise it
> would be needed to activly set it and most filesystems that support
> XATTR and ACL also support POSIX-Permissions.
>
> Signed-off-by: Markus Frank <m.frank@proxmox.com>
> ---
> pbs-client/src/pxar/flags.rs | 1 +
> pbs-client/src/pxar/metadata.rs | 48 +++++++++++++++++++++------------
> 2 files changed, 32 insertions(+), 17 deletions(-)
>
> diff --git a/pbs-client/src/pxar/flags.rs b/pbs-client/src/pxar/flags.rs
> index d46c8af3..938d0c57 100644
> --- a/pbs-client/src/pxar/flags.rs
> +++ b/pbs-client/src/pxar/flags.rs
> @@ -135,6 +135,7 @@ bitflags! {
> Flags::WITH_FLAG_PROJINHERIT.bits() |
> Flags::WITH_SUBVOLUME.bits() |
> Flags::WITH_SUBVOLUME_RO.bits() |
> + Flags::WITH_PERMISSIONS.bits() |
> Flags::WITH_XATTRS.bits() |
> Flags::WITH_ACL.bits() |
> Flags::WITH_SELINUX.bits() |
> diff --git a/pbs-client/src/pxar/metadata.rs b/pbs-client/src/pxar/metadata.rs
> index 22bc5f9d..3195fb03 100644
> --- a/pbs-client/src/pxar/metadata.rs
> +++ b/pbs-client/src/pxar/metadata.rs
> @@ -100,27 +100,17 @@ pub fn apply(
> on_error: &mut (dyn FnMut(Error) -> Result<(), Error> + Send),
> ) -> Result<(), Error> {
> let c_proc_path = CString::new(format!("/proc/self/fd/{}", fd)).unwrap();
> + apply_ownership(flags, c_proc_path.as_ptr(), metadata, &mut *on_error)?;
>
> - unsafe {
> - // UID and GID first, as this fails if we lose access anyway.
> - c_result!(libc::chown(
> - c_proc_path.as_ptr(),
> - metadata.stat.uid,
> - metadata.stat.gid
> - ))
> - .map(drop)
> - .or_else(allow_notsupp)
> - .map_err(|err| format_err!("failed to set ownership: {}", err))
> - .or_else(&mut *on_error)?;
> - }
> -
> - let mut skip_xattrs = false;
> + let mut skip_xattrs = !flags.contains(Flags::WITH_XATTRS);
> apply_xattrs(flags, c_proc_path.as_ptr(), metadata, &mut skip_xattrs)
> .or_else(&mut *on_error)?;
> add_fcaps(flags, c_proc_path.as_ptr(), metadata, &mut skip_xattrs).or_else(&mut *on_error)?;
> - apply_acls(flags, &c_proc_path, metadata, path_info)
> - .map_err(|err| format_err!("failed to apply acls: {}", err))
> - .or_else(&mut *on_error)?;
> + if flags.contains(Flags::WITH_ACL) {
> + apply_acls(flags, &c_proc_path, metadata, path_info)
> + .map_err(|err| format_err!("failed to apply acls: {}", err))
> + .or_else(&mut *on_error)?;
> + }
> apply_quota_project_id(flags, fd, metadata).or_else(&mut *on_error)?;
>
> // Finally mode and time. We may lose access with mode, but the changing the mode also
> @@ -162,6 +152,30 @@ pub fn apply(
> Ok(())
> }
>
> +pub fn apply_ownership(
> + flags: Flags,
> + c_proc_path: *const libc::c_char,
> + metadata: &Metadata,
> + on_error: &mut (dyn FnMut(Error) -> Result<(), Error> + Send),
> +) -> Result<(), Error> {
> + if !flags.contains(Flags::WITH_PERMISSIONS) {
> + return Ok(());
> + }
While we're at it, I think we should rename `WITH_PERMISSIONS` to
`WITH_OWNER`, as it doesn't affect permissions ;-)
We could mask the chmod call in metadata::apply with this instead and
have both flags separately?
But I'd like to get rid fo this confusion in the code :-)
> + unsafe {
> + // UID and GID first, as this fails if we lose access anyway.
> + c_result!(libc::chown(
> + c_proc_path,
> + metadata.stat.uid,
> + metadata.stat.gid
> + ))
> + .map(drop)
> + .or_else(allow_notsupp)
> + .map_err(|err| format_err!("failed to set ownership: {}", err))
> + .or_else(&mut *on_error)?;
> + }
> + Ok(())
> +}
> +
> fn add_fcaps(
> flags: Flags,
> c_proc_path: *const libc::c_char,
> --
> 2.30.2
next prev parent reply other threads:[~2022-08-17 7:37 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-08-16 9:19 [pbs-devel] [PATCH proxmox-backup 0/3] pbs-client feature #3923 Markus Frank
2022-08-16 9:19 ` [pbs-devel] [PATCH proxmox-backup 1/3] added overwrite-existing-files as Markus Frank
2022-08-16 9:48 ` Markus Frank
2022-08-17 7:31 ` Wolfgang Bumiller
2022-08-16 9:19 ` [pbs-devel] [PATCH proxmox-backup 2/3] skip xattr/acl/ownership options Markus Frank
2022-08-17 7:36 ` Wolfgang Bumiller [this message]
2022-08-16 9:19 ` [pbs-devel] [PATCH proxmox-backup 3/3] added ignore-acl/xattr/ownership & overwrite parameter to proxmox-backup-client Markus Frank
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220817073635.ptxqfvesta4udyvf@casey.proxmox.com \
--to=w.bumiller@proxmox.com \
--cc=m.frank@proxmox.com \
--cc=pbs-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox