From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <m.frank@proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits))
 (No client certificate requested)
 by lists.proxmox.com (Postfix) with ESMTPS id CA2868A832
 for <pbs-devel@lists.proxmox.com>; Thu, 18 Aug 2022 13:07:16 +0200 (CEST)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
 by firstgate.proxmox.com (Proxmox) with ESMTP id C882C2FDD3
 for <pbs-devel@lists.proxmox.com>; Thu, 18 Aug 2022 13:07:16 +0200 (CEST)
Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com
 [94.136.29.106])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
 (No client certificate requested)
 by firstgate.proxmox.com (Proxmox) with ESMTPS
 for <pbs-devel@lists.proxmox.com>; Thu, 18 Aug 2022 13:07:15 +0200 (CEST)
Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1])
 by proxmox-new.maurer-it.com (Proxmox) with ESMTP id AC9264491A
 for <pbs-devel@lists.proxmox.com>; Thu, 18 Aug 2022 13:07:08 +0200 (CEST)
From: Markus Frank <m.frank@proxmox.com>
To: pbs-devel@lists.proxmox.com
Date: Thu, 18 Aug 2022 13:06:53 +0200
Message-Id: <20220818110654.56988-3-m.frank@proxmox.com>
X-Mailer: git-send-email 2.30.2
In-Reply-To: <20220818110654.56988-1-m.frank@proxmox.com>
References: <20220818110654.56988-1-m.frank@proxmox.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-SPAM-LEVEL: Spam detection results:  0
 AWL -0.072 Adjusted score from AWL reputation of From: address
 BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 SPF_PASS               -0.001 SPF: sender matches SPF record
 T_SCC_BODY_TEXT_LINE    -0.01 -
Subject: [pbs-devel] [PATCH proxmox-backup v2 2/3] pbs-client: added options
 to skip xattr/acl/ownership/permissions
X-BeenThere: pbs-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox Backup Server development discussion
 <pbs-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pbs-devel>, 
 <mailto:pbs-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pbs-devel/>
List-Post: <mailto:pbs-devel@lists.proxmox.com>
List-Help: <mailto:pbs-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel>, 
 <mailto:pbs-devel-request@lists.proxmox.com?subject=subscribe>
X-List-Received-Date: Thu, 18 Aug 2022 11:07:16 -0000

Also added WITH_OWNER and WITH_PERMISSION to Default-Flags,
because otherwise it would be needed to activly set these flags and most
filesystems that support XATTR and ACL also support
POSIX-Permissions & Ownership.

Signed-off-by: Markus Frank <m.frank@proxmox.com>
---
v2: 
* created new WITH_OWNER Flag and use WITH_PERMISSIONS for skipping chmod
* removed redundant if 

 pbs-client/src/pxar/flags.rs    |  6 +++++
 pbs-client/src/pxar/metadata.rs | 40 +++++++++++++++++++++------------
 2 files changed, 32 insertions(+), 14 deletions(-)

diff --git a/pbs-client/src/pxar/flags.rs b/pbs-client/src/pxar/flags.rs
index d46c8af3..b3280de7 100644
--- a/pbs-client/src/pxar/flags.rs
+++ b/pbs-client/src/pxar/flags.rs
@@ -71,6 +71,9 @@ bitflags! {
         /// Preserve XFS/ext4/ZFS project quota ID
         const WITH_QUOTA_PROJID                = 0x0001_0000_0000;
 
+        /// UNIX OWNERSHIP
+        const WITH_OWNER                       = 0x0002_0000_0000;
+
         /// Support ".pxarexclude" files
         const EXCLUDE_FILE                     = 0x1000_0000_0000_0000;
         /// Exclude submounts
@@ -105,6 +108,7 @@ bitflags! {
             Flags::WITH_2SEC_TIME.bits() |
             Flags::WITH_READ_ONLY.bits() |
             Flags::WITH_PERMISSIONS.bits() |
+            Flags::WITH_OWNER.bits() |
             Flags::WITH_SYMLINKS.bits() |
             Flags::WITH_DEVICE_NODES.bits() |
             Flags::WITH_FIFOS.bits() |
@@ -135,6 +139,8 @@ bitflags! {
             Flags::WITH_FLAG_PROJINHERIT.bits() |
             Flags::WITH_SUBVOLUME.bits() |
             Flags::WITH_SUBVOLUME_RO.bits() |
+            Flags::WITH_PERMISSIONS.bits() |
+            Flags::WITH_OWNER.bits() |
             Flags::WITH_XATTRS.bits() |
             Flags::WITH_ACL.bits() |
             Flags::WITH_SELINUX.bits() |
diff --git a/pbs-client/src/pxar/metadata.rs b/pbs-client/src/pxar/metadata.rs
index 22bc5f9d..be1911a7 100644
--- a/pbs-client/src/pxar/metadata.rs
+++ b/pbs-client/src/pxar/metadata.rs
@@ -100,19 +100,7 @@ pub fn apply(
     on_error: &mut (dyn FnMut(Error) -> Result<(), Error> + Send),
 ) -> Result<(), Error> {
     let c_proc_path = CString::new(format!("/proc/self/fd/{}", fd)).unwrap();
-
-    unsafe {
-        // UID and GID first, as this fails if we lose access anyway.
-        c_result!(libc::chown(
-            c_proc_path.as_ptr(),
-            metadata.stat.uid,
-            metadata.stat.gid
-        ))
-        .map(drop)
-        .or_else(allow_notsupp)
-        .map_err(|err| format_err!("failed to set ownership: {}", err))
-        .or_else(&mut *on_error)?;
-    }
+    apply_ownership(flags, c_proc_path.as_ptr(), metadata, &mut *on_error)?;
 
     let mut skip_xattrs = false;
     apply_xattrs(flags, c_proc_path.as_ptr(), metadata, &mut skip_xattrs)
@@ -125,7 +113,7 @@ pub fn apply(
 
     // Finally mode and time. We may lose access with mode, but the changing the mode also
     // affects times.
-    if !metadata.is_symlink() {
+    if !metadata.is_symlink() && flags.contains(Flags::WITH_PERMISSIONS) {
         c_result!(unsafe {
             libc::chmod(c_proc_path.as_ptr(), perms_from_metadata(metadata)?.bits())
         })
@@ -162,6 +150,30 @@ pub fn apply(
     Ok(())
 }
 
+pub fn apply_ownership(
+    flags: Flags,
+    c_proc_path: *const libc::c_char,
+    metadata: &Metadata,
+    on_error: &mut (dyn FnMut(Error) -> Result<(), Error> + Send),
+) -> Result<(), Error> {
+    if !flags.contains(Flags::WITH_OWNER) {
+        return Ok(());
+    }
+    unsafe {
+        // UID and GID first, as this fails if we lose access anyway.
+        c_result!(libc::chown(
+            c_proc_path,
+            metadata.stat.uid,
+            metadata.stat.gid
+        ))
+        .map(drop)
+        .or_else(allow_notsupp)
+        .map_err(|err| format_err!("failed to set ownership: {}", err))
+        .or_else(&mut *on_error)?;
+    }
+    Ok(())
+}
+
 fn add_fcaps(
     flags: Flags,
     c_proc_path: *const libc::c_char,
-- 
2.30.2