Michał Górny
2018-11-24 18:36:22 UTC
Hi,
Thanks for fixing the previous bug I reported. Sadly, I just managed to
accidentally find another one. When ACL mask restricts effective ACL
entries, getfacl(1) reports the effective permissions as a comment,
e.g.:
user:nobody:rw- #effective:r--
It seems that GNU tar writes that comment as part of the pax header,
and e.g. libarchive does not restore the ACL correctly.
To reproduce:
touch input.txt
setfacl -m nobody:rw input.txt
setfacl -m m:r input.txt
tar --format=pax --acls -cf test.tar input.txt
The resulting pax attributes contain:
95 SCHILY.acl.access=user::rw-
user:nobody:rw- #effective:r--
group::r--
mask::r--
other::r--
Now extract e.g. with bsdtar (from libarchive):
$ bsdtar -xf test.tar --acls
And the u:nobody ACL is gone.
Thanks for fixing the previous bug I reported. Sadly, I just managed to
accidentally find another one. When ACL mask restricts effective ACL
entries, getfacl(1) reports the effective permissions as a comment,
e.g.:
user:nobody:rw- #effective:r--
It seems that GNU tar writes that comment as part of the pax header,
and e.g. libarchive does not restore the ACL correctly.
To reproduce:
touch input.txt
setfacl -m nobody:rw input.txt
setfacl -m m:r input.txt
tar --format=pax --acls -cf test.tar input.txt
The resulting pax attributes contain:
95 SCHILY.acl.access=user::rw-
user:nobody:rw- #effective:r--
group::r--
mask::r--
other::r--
Now extract e.g. with bsdtar (from libarchive):
$ bsdtar -xf test.tar --acls
And the u:nobody ACL is gone.
--
Best regards,
MichaŠGórny
Best regards,
MichaŠGórny