[pbs-devel] [PATCH proxmox-backup 2/3] skip xattr/acl/ownership options

Wolfgang Bumiller w.bumiller at proxmox.com
Wed Aug 17 09:36:35 CEST 2022


On Tue, Aug 16, 2022 at 11:19:28AM +0200, Markus Frank wrote:
> added cases to skip xattr/acl/ownership if the flags are not set.
> Also added WITH_PERMISSIONS to Default-Flags, because otherwise it
> would be needed to activly set it and most filesystems that support
> XATTR and ACL also support POSIX-Permissions.
> 
> Signed-off-by: Markus Frank <m.frank at proxmox.com>
> ---
>  pbs-client/src/pxar/flags.rs    |  1 +
>  pbs-client/src/pxar/metadata.rs | 48 +++++++++++++++++++++------------
>  2 files changed, 32 insertions(+), 17 deletions(-)
> 
> diff --git a/pbs-client/src/pxar/flags.rs b/pbs-client/src/pxar/flags.rs
> index d46c8af3..938d0c57 100644
> --- a/pbs-client/src/pxar/flags.rs
> +++ b/pbs-client/src/pxar/flags.rs
> @@ -135,6 +135,7 @@ bitflags! {
>              Flags::WITH_FLAG_PROJINHERIT.bits() |
>              Flags::WITH_SUBVOLUME.bits() |
>              Flags::WITH_SUBVOLUME_RO.bits() |
> +            Flags::WITH_PERMISSIONS.bits() |
>              Flags::WITH_XATTRS.bits() |
>              Flags::WITH_ACL.bits() |
>              Flags::WITH_SELINUX.bits() |
> diff --git a/pbs-client/src/pxar/metadata.rs b/pbs-client/src/pxar/metadata.rs
> index 22bc5f9d..3195fb03 100644
> --- a/pbs-client/src/pxar/metadata.rs
> +++ b/pbs-client/src/pxar/metadata.rs
> @@ -100,27 +100,17 @@ pub fn apply(
>      on_error: &mut (dyn FnMut(Error) -> Result<(), Error> + Send),
>  ) -> Result<(), Error> {
>      let c_proc_path = CString::new(format!("/proc/self/fd/{}", fd)).unwrap();
> +    apply_ownership(flags, c_proc_path.as_ptr(), metadata, &mut *on_error)?;
>  
> -    unsafe {
> -        // UID and GID first, as this fails if we lose access anyway.
> -        c_result!(libc::chown(
> -            c_proc_path.as_ptr(),
> -            metadata.stat.uid,
> -            metadata.stat.gid
> -        ))
> -        .map(drop)
> -        .or_else(allow_notsupp)
> -        .map_err(|err| format_err!("failed to set ownership: {}", err))
> -        .or_else(&mut *on_error)?;
> -    }
> -
> -    let mut skip_xattrs = false;
> +    let mut skip_xattrs = !flags.contains(Flags::WITH_XATTRS);
>      apply_xattrs(flags, c_proc_path.as_ptr(), metadata, &mut skip_xattrs)
>          .or_else(&mut *on_error)?;
>      add_fcaps(flags, c_proc_path.as_ptr(), metadata, &mut skip_xattrs).or_else(&mut *on_error)?;
> -    apply_acls(flags, &c_proc_path, metadata, path_info)
> -        .map_err(|err| format_err!("failed to apply acls: {}", err))
> -        .or_else(&mut *on_error)?;
> +    if flags.contains(Flags::WITH_ACL) {
> +        apply_acls(flags, &c_proc_path, metadata, path_info)
> +            .map_err(|err| format_err!("failed to apply acls: {}", err))
> +            .or_else(&mut *on_error)?;
> +    }
>      apply_quota_project_id(flags, fd, metadata).or_else(&mut *on_error)?;
>  
>      // Finally mode and time. We may lose access with mode, but the changing the mode also
> @@ -162,6 +152,30 @@ pub fn apply(
>      Ok(())
>  }
>  
> +pub fn apply_ownership(
> +    flags: Flags,
> +    c_proc_path: *const libc::c_char,
> +    metadata: &Metadata,
> +    on_error: &mut (dyn FnMut(Error) -> Result<(), Error> + Send),
> +) -> Result<(), Error> {
> +    if !flags.contains(Flags::WITH_PERMISSIONS) {
> +        return Ok(());
> +    }

While we're at it, I think we should rename `WITH_PERMISSIONS` to
`WITH_OWNER`, as it doesn't affect permissions ;-)
We could mask the chmod call in metadata::apply with this instead and
have both flags separately?

But I'd like to get rid fo this confusion in the code :-)

> +    unsafe {
> +        // UID and GID first, as this fails if we lose access anyway.
> +        c_result!(libc::chown(
> +            c_proc_path,
> +            metadata.stat.uid,
> +            metadata.stat.gid
> +        ))
> +        .map(drop)
> +        .or_else(allow_notsupp)
> +        .map_err(|err| format_err!("failed to set ownership: {}", err))
> +        .or_else(&mut *on_error)?;
> +    }
> +    Ok(())
> +}
> +
>  fn add_fcaps(
>      flags: Flags,
>      c_proc_path: *const libc::c_char,
> -- 
> 2.30.2





More information about the pbs-devel mailing list