Debian Bug report logs -
#424638
exporting of acls instead of mapping them
Reported by: martin f krafft <madduck@debian.org>
Date: Wed, 16 May 2007 14:39:02 UTC
Severity: important
Tags: upstream
Found in version rdiff-backup/1.1.9-2
Done: martin f krafft <madduck@debian.org>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded to debian-bugs-dist@lists.debian.org, Daniel Baumann <daniel@debian.org>:
Bug#424638; Package rdiff-backup.
(full text, mbox, link).
Message #3 received at submit@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
Package: rdiff-backup
Version: 1.1.9-2
Severity: wishlist
The current ACL solution makes rdiff-backup rather unusable with
a complex set of ACLs. I need to use --never-drop-acls because I'd
lose valuable information otherwise, but then I can't really
maintain a map or a group list on the target for the more complex
servers. Why doesn't rdiff-backup store the ACL info as metadata
without requiring users/groups to exist?
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.20-1-amd64 (SMP w/1 CPU core)
Locale: LANG=en_GB, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages rdiff-backup depends on:
ii libc6 2.5-7 GNU C Library: Shared libraries
ii librsync1 0.9.7-1 Library which implements the rsync
ii python 2.4.4-4 An interactive high-level object-o
ii python-support 0.6.4 automated rebuilding support for p
Versions of packages rdiff-backup recommends:
pn python-pylibacl <none> (no description available)
pn python-pyxattr <none> (no description available)
-- no debconf information
--
.''`. martin f. krafft <madduck@debian.org>
: :' : proud Debian developer, author, administrator, and user
`. `'` http://people.debian.org/~madduck - http://debiansystem.info
`- Debian - when you have better things to do than fixing systems
[signature.asc (application/pgp-signature, inline)]
Severity set to `important' from `wishlist'
Request was from martin f. krafft <madduck@debian.org>
to control@bugs.debian.org.
(Mon, 23 Jun 2008 18:09:12 GMT) (full text, mbox, link).
Tags added: upstream
Request was from martin f. krafft <madduck@debian.org>
to control@bugs.debian.org.
(Mon, 23 Jun 2008 23:21:06 GMT) (full text, mbox, link).
Reply sent to martin f krafft <madduck@debian.org>:
You have taken responsibility.
(full text, mbox, link).
Notification sent to martin f krafft <madduck@debian.org>:
Bug acknowledged by developer.
(full text, mbox, link).
Message #12 received at 424638-done@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
Version: 1.1.9-2
Andrew explains that I was misunderstanding. Thus, the issue can be
closed.
----- Forwarded message from Andrew Ferguson <owsla@Princeton.EDU> -----
Date: Thu, 3 Jul 2008 21:39:46 -0400
From: Andrew Ferguson <owsla@Princeton.EDU>
To: martin f krafft <madduck@madduck.net>
Cc: rdiff-backup discussion list <rdiff-backup-users@nongnu.org>
Subject: Re: [rdiff-backup-users] dropping ACLs if names can't be mapped
Message-Id: <1C053636-7F67-44E6-A81D-5F3C912E597A@princeton.edu>
On Jun 29, 2008, at 1:23 PM, martin f krafft wrote:
> Hello,
>
> I've had a long-standing issue with how rdiff-backup handles ACLs:
>
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=424638
>
> basically, if I have an ACL allowing group webserver to read files,
> that group has to exist on the destination filesystem, or else
> the warn_drop function in eas_acls.py:470 is called, telling me that
>
> "--never-drop-acls specified but cannot map name
> webserver occurring inside an ACL."
>
> Isn't rdiff-backup supposed to be writing to metadata? Why does it
> even try to map names? Is there a bug or am I misunderstanding
> something?
Yes, I am afraid you are misunderstanding.
Rdiff-backup will *always* write to metadata. The metadata will be used on the
restore since it is the complete record.
However, simultaneously with writing to metadata, rdiff-backup tries to map
the metadata from the source onto the destination (eg, mapping this
webserver-user ACL). Why does rdiff-backup do this? Three reasons: 1) It makes
it possible to do the restore without rdiff-backup 2) It makes rdiff-backup
behave a little more like rsync and 3) If the metadata file is lost, or
corrupt, rdiff-backup can use the destination metadata during a restore.
By specifying --never-drop-acls, you are saying that one of those 3 reasons is
very important (critical) to you, and that rdiff-backup should Exit (instead
of ignoring) if it cannot write the ACL to the destination. If you don't
specify --never-drop-acls, it would silently write that ACL to the metadata
only.
Andrew
----- End forwarded message -----
--
.''`. martin f. krafft <madduck@debian.org>
: :' : proud Debian developer, author, administrator, and user
`. `'` http://people.debian.org/~madduck - http://debiansystem.info
`- Debian - when you have better things to do than fixing systems
[digital_signature_gpg.asc (application/pgp-signature, inline)]
No longer marked as fixed in versions 1.1.9-2.
Request was from Andreas Beckmann <anbe@debian.org>
to control@bugs.debian.org.
(Sat, 02 Nov 2013 15:57:28 GMT) (full text, mbox, link).
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Sun, 01 Dec 2013 07:33:44 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Oct 11 23:41:39 2017;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.