rpms/tar
7
0
Fork 0
Code Issues Pull Requests Releases Activity

acls: extract default ACLs correctly

Browse Source 
When --acls option is passed, extracted files must have exactly
the same ACLs (even default ACLs) as is stored in archive.

Resolves: #1082603
Version: 1.27.1-3
This commit is contained in:
Pavel Raiskup 2014-03-31 15:07:37 +02:00
parent 6096299afa
commit 486bd7adf8
2 changed files with 92 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

84
tar-1.27.1-default-acls.patch Normal file
View File

@ -0,0 +1,84 @@
diff --git a/configure.ac b/configure.ac
index c9d1250..dbf991a 100644
--- a/configure.ac
+++ b/configure.ac
@@ -79,7 +79,8 @@ AC_ARG_WITH([posix-acls],
if test "x$with_posix_acls" != "xno"; then
AC_CHECK_HEADERS(sys/acl.h,, [with_posix_acls=no])
for tar_acl_func in acl_get_file acl_get_fd acl_set_file acl_set_fd \
- acl_to_text acl_from_text; do \
+ acl_to_text acl_from_text acl_delete_def_file \
+ acl_free; do \
test "x$with_posix_acls" = xno && break
AC_SEARCH_LIBS([$tar_acl_func], [acl pacl], [], [with_posix_acls=no])
done
diff --git a/src/xattrs.c b/src/xattrs.c
index 3137e9a..6ec34ce 100644
--- a/src/xattrs.c
+++ b/src/xattrs.c
@@ -61,6 +61,7 @@ static struct
static acl_t acl_get_file_at (int, const char *, acl_type_t);
static int acl_set_file_at (int, const char *, acl_type_t, acl_t);
static int file_has_acl_at (int, char const *, struct stat const *);
+static int acl_delete_def_file_at (int, char const *);
/* acl_get_file_at */
#define AT_FUNC_NAME acl_get_file_at
@@ -88,6 +89,17 @@ static int file_has_acl_at (int, char const *, struct stat const *);
#undef AT_FUNC_POST_FILE_PARAM_DECLS
#undef AT_FUNC_POST_FILE_ARGS
+/* acl_delete_def_file_at */
+#define AT_FUNC_NAME acl_delete_def_file_at
+#define AT_FUNC_F1 acl_delete_def_file
+#define AT_FUNC_POST_FILE_PARAM_DECLS
+#define AT_FUNC_POST_FILE_ARGS
+#include "at-func.c"
+#undef AT_FUNC_NAME
+#undef AT_FUNC_F1
+#undef AT_FUNC_POST_FILE_PARAM_DECLS
+#undef AT_FUNC_POST_FILE_ARGS
+
/* gnulib file_has_acl_at */
#define AT_FUNC_NAME file_has_acl_at
#define AT_FUNC_F1 file_has_acl
@@ -187,7 +199,8 @@ fixup_extra_acl_fields (char *ptr)
return ptr;
}
-/* "system.posix_acl_access" */
+/* Set the "system.posix_acl_access/system.posix_acl_default" extended
+ attribute. Called only when acls_option > 0. */
static void
xattrs__acls_set (struct tar_stat_info const *st,
char const *file_name, int type,
@@ -199,15 +212,23 @@ xattrs__acls_set (struct tar_stat_info const *st,
{
/* assert (strlen (ptr) == len); */
ptr = fixup_extra_acl_fields (ptr);
-
acl = acl_from_text (ptr);
- acls_option = 1;
}
- else if (acls_option > 0)
+ else if (def)
+ {
+ /* No "default" IEEE 1003.1e ACL set for directory. At this moment,
+ FILE_NAME may already have inherited default acls from parent
+ directory; clean them up. */
+ if (acl_delete_def_file_at (chdir_fd, file_name))
+ WARNOPT (WARN_XATTR_WRITE,
+ (0, errno,
+ _("acl_delete_def_file_at: Cannot drop default POSIX ACLs "
+ "for file '%s'"),
+ file_name));
+ return;
+ }
+ else
acl = perms2acl (st->stat.st_mode);
- else
- return; /* don't call acl functions unless we first hit an ACL, or
- --acls was passed explicitly */
if (!acl)
{

8
tar.spec
View File

@ -69,6 +69,12 @@ Patch8: tar-1.26-xattrs-include-implies-xattrs.patch
# ~> related to #903666 # ~> related to #903666
Patch9: tar-1.27.1-document-exclude-mistakes.patch Patch9: tar-1.27.1-document-exclude-mistakes.patch
# Extract default ACLs which are stored in archive if --acls is passed.
# ~> upstream (7fe7adcbb985)
# http://www.mail-archive.com/bug-tar@gnu.org/msg04355.html
# ~> #1082603
Patch10: tar-1.27.1-default-acls.patch
# run "make check" by default # run "make check" by default
%bcond_without check %bcond_without check
@ -111,6 +117,7 @@ the rmt package on the remote box.
%patch7 -p1 -b .xattrs-documentation %patch7 -p1 -b .xattrs-documentation
%patch8 -p1 -b .xattrs-if-xattrs-include %patch8 -p1 -b .xattrs-if-xattrs-include
%patch9 -p1 -b .document-exclude-mistakes %patch9 -p1 -b .document-exclude-mistakes
%patch10 -p1 -b .default-acls
autoreconf -v autoreconf -v
@ -171,6 +178,7 @@ fi
%changelog %changelog
* Mon Mar 31 2014 Pavel Raiskup <praiskup@redhat.com> - 1.27.1-3 * Mon Mar 31 2014 Pavel Raiskup <praiskup@redhat.com> - 1.27.1-3
- document --exclude mistakes (#903666) - document --exclude mistakes (#903666)
- fix default ACLs propagation (#1082603)
* Fri Nov 29 2013 Pavel Raiskup <praiskup@redhat.com> - 1.27.1-2 * Fri Nov 29 2013 Pavel Raiskup <praiskup@redhat.com> - 1.27.1-2
- sync manual page contents with help2man output - sync manual page contents with help2man output