Odd ACL question
Harti Brandt
brandt at fokus.fraunhofer.de
Mon Feb 9 03:33:18 PST 2004
On Sun, 8 Feb 2004, Tim Kientzle wrote:
TK>On Sat, 7 Feb 2004, Tim Kientzle wrote:
TK>>Joerg Schilling's "star" archives ACLs as follows:
TK>>
TK>>"user::rwx,group::r--,group:mail:rw-:6,mask::rw-,other::r--"
TK>>
TK>>Note the "group:mail:rw-:6" entry that contains a fourth
TK>>field with the uid/gid number. ...
TK>>
TK>>Question: Is this a useful extension?
TK>
TK>Harti Brandt responded:
TK>> It definitely is. Joerg and I had several hours of talk on this issue.
TK>> If you, for example, restore on a system that usually gets its passwd from
TK>> YP or LDAP and you don't have it available ...
TK>
TK>Ah. That's the example I needed. Now to figure out how to implement
TK>such functionality; hacking the acl library functions may
TK>not be the best approach, but I'm equally dismayed by the prospect
TK>of duplicating the acl library functions in my code. ;-(
TK>
TK>> As far as I know there are options to star that let you select the exact
TK>> behaviour in these cases.
TK>
TK>This is one difference between 'star' and my work: 'star' offers
TK>a great deal of control over the archiving/dearchiving
TK>process; my work tries to remove the need for such control
TK>by using intelligent algorithms. For example, bsdtar/libarchive
TK>doesn't require you to specify the compression when reading archives;
TK>it determines it automatically.
TK>
TK>In this case, I'm considering:
TK> * If the username exists, use that.
TK> * If the username does not exist and the UID is not already in
TK> use, issue a warning and use the UID.
TK> * If the username exists and the UID conflicts with the local
TK> system, ???
TK>
TK>This last case is the tough one. My temptation: map it to
TK>an unused UID, issue a warning about the remap, and keep going.
That may cause the problem I described. This may leave a file in a user
directory that the user cannot delete without intervention of the root
user, but its probably the simplest solution. What about non-existing
groups?
I remember talking with Joerg about this, but cannot remember the outcome
of this. You may want to ask him.
TK>There are certainly rare cases where manual control is
TK>needed. That's why I'm pleased that 'star' is available
TK>in ports. ;-)
Are you going to replace that horrible thing called GNU tar in the bases
system?
harti
--
harti brandt,
http://www.fokus.fraunhofer.de/research/cc/cats/employees/hartmut.brandt/private
brandt at fokus.fraunhofer.de, harti at freebsd.org
More information about the freebsd-hackers
mailing list