1 use std
::collections
::{HashSet, HashMap}
;
2 use std
::ffi
::{CStr, CString, OsStr}
;
4 use std
::io
::{self, Read, Write}
;
5 use std
::os
::unix
::ffi
::OsStrExt
;
6 use std
::os
::unix
::io
::{AsRawFd, FromRawFd, IntoRawFd, RawFd}
;
7 use std
::path
::{Path, PathBuf}
;
9 use anyhow
::{bail, format_err, Error}
;
11 use nix
::errno
::Errno
;
12 use nix
::fcntl
::OFlag
;
13 use nix
::sys
::stat
::{FileStat, Mode}
;
15 use pathpatterns
::{MatchEntry, MatchList, MatchType, PatternFlag}
;
17 use pxar
::encoder
::LinkOffset
;
20 use proxmox
::sys
::error
::SysError
;
21 use proxmox
::tools
::fd
::RawFdNum
;
22 use proxmox
::tools
::vec
;
24 use crate::pxar
::catalog
::BackupCatalogWriter
;
25 use crate::pxar
::metadata
::errno_is_unsupported
;
26 use crate::pxar
::Flags
;
27 use crate::pxar
::tools
::assert_single_path_component
;
28 use crate::tools
::{acl, fs, xattr, Fd}
;
30 fn detect_fs_type(fd
: RawFd
) -> Result
<i64, Error
> {
31 let mut fs_stat
= std
::mem
::MaybeUninit
::uninit();
32 let res
= unsafe { libc::fstatfs(fd, fs_stat.as_mut_ptr()) }
;
34 let fs_stat
= unsafe { fs_stat.assume_init() }
;
40 pub fn is_virtual_file_system(magic
: i64) -> bool
{
41 use proxmox
::sys
::linux
::magic
::*;
51 FUSE_CTL_SUPER_MAGIC
|
73 fn new(path
: PathBuf
, error
: Error
) -> Self {
78 impl std
::error
::Error
for ArchiveError {}
80 impl fmt
::Display
for ArchiveError
{
81 fn fmt(&self, f
: &mut fmt
::Formatter
) -> fmt
::Result
{
82 write
!(f
, "error at {:?}: {}", self.path
, self.error
)
86 #[derive(Eq, PartialEq, Hash)]
92 /// In case we want to collect them or redirect them we can just add this here:
95 impl std
::io
::Write
for ErrorReporter
{
96 fn write(&mut self, data
: &[u8]) -> io
::Result
<usize> {
97 std
::io
::stderr().write(data
)
100 fn flush(&mut self) -> io
::Result
<()> {
101 std
::io
::stderr().flush()
105 struct Archiver
<'a
, 'b
> {
106 feature_flags
: Flags
,
107 fs_feature_flags
: Flags
,
109 patterns
: Vec
<MatchEntry
>,
110 callback
: &'a
mut dyn FnMut(&Path
) -> Result
<(), Error
>,
111 catalog
: Option
<&'b
mut dyn BackupCatalogWriter
>,
113 entry_counter
: usize,
115 current_st_dev
: libc
::dev_t
,
116 device_set
: Option
<HashSet
<u64>>,
117 hardlinks
: HashMap
<HardLinkInfo
, (PathBuf
, LinkOffset
)>,
118 errors
: ErrorReporter
,
119 file_copy_buffer
: Vec
<u8>,
122 type Encoder
<'a
, 'b
> = pxar
::encoder
::Encoder
<'a
, &'b
mut dyn pxar
::encoder
::SeqWrite
>;
124 pub fn create_archive
<T
, F
>(
127 mut patterns
: Vec
<MatchEntry
>,
128 feature_flags
: Flags
,
129 mut device_set
: Option
<HashSet
<u64>>,
130 skip_lost_and_found
: bool
,
133 catalog
: Option
<&mut dyn BackupCatalogWriter
>,
134 ) -> Result
<(), Error
>
136 T
: pxar
::encoder
::SeqWrite
,
137 F
: FnMut(&Path
) -> Result
<(), Error
>,
139 let fs_magic
= detect_fs_type(source_dir
.as_raw_fd())?
;
140 if is_virtual_file_system(fs_magic
) {
141 bail
!("refusing to backup a virtual file system");
144 let fs_feature_flags
= Flags
::from_magic(fs_magic
);
146 let stat
= nix
::sys
::stat
::fstat(source_dir
.as_raw_fd())?
;
147 let metadata
= get_metadata(
148 source_dir
.as_raw_fd(),
150 feature_flags
& fs_feature_flags
,
153 .map_err(|err
| format_err
!("failed to get metadata for source directory: {}", err
))?
;
155 if let Some(ref mut set
) = device_set
{
156 set
.insert(stat
.st_dev
);
159 let writer
= &mut writer
as &mut dyn pxar
::encoder
::SeqWrite
;
160 let mut encoder
= Encoder
::new(writer
, &metadata
)?
;
162 if skip_lost_and_found
{
163 patterns
.push(MatchEntry
::parse_pattern(
165 PatternFlag
::PATH_NAME
,
170 let mut archiver
= Archiver
{
174 callback
: &mut callback
,
177 path
: PathBuf
::new(),
180 current_st_dev
: stat
.st_dev
,
182 hardlinks
: HashMap
::new(),
183 errors
: ErrorReporter
,
184 file_copy_buffer
: vec
::undefined(4 * 1024 * 1024),
187 archiver
.archive_dir_contents(&mut encoder
, source_dir
, true)?
;
192 struct FileListEntry
{
198 impl<'a
, 'b
> Archiver
<'a
, 'b
> {
199 /// Get the currently effective feature flags. (Requested flags masked by the file system
201 fn flags(&self) -> Flags
{
202 self.feature_flags
& self.fs_feature_flags
205 fn wrap_err(&self, err
: Error
) -> Error
{
206 if err
.downcast_ref
::<ArchiveError
>().is_some() {
209 ArchiveError
::new(self.path
.clone(), err
).into()
213 fn archive_dir_contents(
215 encoder
: &mut Encoder
,
218 ) -> Result
<(), Error
> {
219 let entry_counter
= self.entry_counter
;
221 let old_patterns_count
= self.patterns
.len();
222 self.read_pxar_excludes(dir
.as_raw_fd())?
;
224 let file_list
= self.generate_directory_file_list(&mut dir
, is_root
)?
;
226 let dir_fd
= dir
.as_raw_fd();
228 let old_path
= std
::mem
::take(&mut self.path
);
230 for file_entry
in file_list
{
231 let file_name
= file_entry
.name
.to_bytes();
233 if is_root
&& file_name
== b
".pxarexclude-cli" {
234 self.encode_pxarexclude_cli(encoder
, &file_entry
.name
)?
;
238 (self.callback
)(Path
::new(OsStr
::from_bytes(file_name
)))?
;
239 self.path
= file_entry
.path
;
240 self.add_entry(encoder
, dir_fd
, &file_entry
.name
, &file_entry
.stat
)
241 .map_err(|err
| self.wrap_err(err
))?
;
243 self.path
= old_path
;
244 self.entry_counter
= entry_counter
;
245 self.patterns
.truncate(old_patterns_count
);
250 /// openat() wrapper which allows but logs `EACCES` and turns `ENOENT` into `None`.
252 /// The `existed` flag is set when iterating through a directory to note that we know the file
253 /// is supposed to exist and we should warn if it doesnt'.
260 ) -> Result
<Option
<Fd
>, Error
> {
262 &unsafe { RawFdNum::from_raw_fd(parent) }
,
267 Ok(fd
) => Ok(Some(fd
)),
268 Err(nix
::Error
::Sys(Errno
::ENOENT
)) => {
270 self.report_vanished_file()?
;
274 Err(nix
::Error
::Sys(Errno
::EACCES
)) => {
275 writeln
!(self.errors
, "failed to open file: {:?}: access denied", file_name
)?
;
278 Err(other
) => Err(Error
::from(other
)),
282 fn read_pxar_excludes(&mut self, parent
: RawFd
) -> Result
<(), Error
> {
283 let fd
= self.open_file(
285 c_str
!(".pxarexclude"),
286 OFlag
::O_RDONLY
| OFlag
::O_CLOEXEC
| OFlag
::O_NOCTTY
,
290 let old_pattern_count
= self.patterns
.len();
292 let path_bytes
= self.path
.as_os_str().as_bytes();
294 if let Some(fd
) = fd
{
295 let file
= unsafe { std::fs::File::from_raw_fd(fd.into_raw_fd()) }
;
298 for line
in io
::BufReader
::new(file
).split(b'
\n'
) {
299 let line
= match line
{
304 "ignoring .pxarexclude after read error in {:?}: {}",
308 self.patterns
.truncate(old_pattern_count
);
313 let line
= crate::tools
::strip_ascii_whitespace(&line
);
315 if line
.is_empty() || line
[0] == b'
#' {
320 let (line
, mode
) = if line
[0] == b'
/'
{
321 buf
= Vec
::with_capacity(path_bytes
.len() + 1 + line
.len());
322 buf
.extend(path_bytes
);
324 (&buf
[..], MatchType
::Exclude
)
325 } else if line
.starts_with(b
"!/") {
326 // inverted case with absolute path
327 buf
= Vec
::with_capacity(path_bytes
.len() + line
.len());
328 buf
.extend(path_bytes
);
329 buf
.extend(&line
[1..]); // without the '!'
330 (&buf
[..], MatchType
::Include
)
332 (line
, MatchType
::Exclude
)
335 match MatchEntry
::parse_pattern(line
, PatternFlag
::PATH_NAME
, mode
) {
336 Ok(pattern
) => self.patterns
.push(pattern
),
338 let _
= writeln
!(self.errors
, "bad pattern in {:?}: {}", self.path
, err
);
347 fn encode_pxarexclude_cli(
349 encoder
: &mut Encoder
,
351 ) -> Result
<(), Error
> {
352 let content
= generate_pxar_excludes_cli(&self.patterns
);
354 if let Some(ref mut catalog
) = self.catalog
{
355 catalog
.add_file(file_name
, content
.len() as u64, 0)?
;
358 let mut metadata
= Metadata
::default();
359 metadata
.stat
.mode
= pxar
::format
::mode
::IFREG
| 0o600;
361 let mut file
= encoder
.create_file(&metadata
, ".pxarexclude-cli", content
.len() as u64)?
;
362 file
.write_all(&content
)?
;
367 fn generate_directory_file_list(
371 ) -> Result
<Vec
<FileListEntry
>, Error
> {
372 let dir_fd
= dir
.as_raw_fd();
374 let mut file_list
= Vec
::new();
376 if is_root
&& !self.patterns
.is_empty() {
377 file_list
.push(FileListEntry
{
378 name
: CString
::new(".pxarexclude-cli").unwrap(),
379 path
: PathBuf
::new(),
380 stat
: unsafe { std::mem::zeroed() }
,
384 for file
in dir
.iter() {
387 let file_name
= file
.file_name().to_owned();
388 let file_name_bytes
= file_name
.to_bytes();
389 if file_name_bytes
== b
"." || file_name_bytes
== b
".." {
393 if is_root
&& file_name_bytes
== b
".pxarexclude-cli" {
397 if file_name_bytes
== b
".pxarexclude" {
401 let os_file_name
= OsStr
::from_bytes(file_name_bytes
);
402 assert_single_path_component(os_file_name
)?
;
403 let full_path
= self.path
.join(os_file_name
);
405 let stat
= match nix
::sys
::stat
::fstatat(
407 file_name
.as_c_str(),
408 nix
::fcntl
::AtFlags
::AT_SYMLINK_NOFOLLOW
,
411 Err(ref err
) if err
.not_found() => continue,
412 Err(err
) => bail
!("stat failed on {:?}: {}", full_path
, err
),
417 .matches(full_path
.as_os_str().as_bytes(), Some(stat
.st_mode
as u32))
418 == Some(MatchType
::Exclude
)
423 self.entry_counter
+= 1;
424 if self.entry_counter
> self.entry_limit
{
425 bail
!("exceeded allowed number of file entries (> {})",self.entry_limit
);
428 file_list
.push(FileListEntry
{
435 file_list
.sort_unstable_by(|a
, b
| a
.name
.cmp(&b
.name
));
440 fn report_vanished_file(&mut self) -> Result
<(), Error
> {
441 writeln
!(self.errors
, "warning: file vanished while reading: {:?}", self.path
)?
;
445 fn report_file_shrunk_while_reading(&mut self) -> Result
<(), Error
> {
448 "warning: file size shrunk while reading: {:?}, file will be padded with zeros!",
454 fn report_file_grew_while_reading(&mut self) -> Result
<(), Error
> {
457 "warning: file size increased while reading: {:?}, file will be truncated!",
465 encoder
: &mut Encoder
,
469 ) -> Result
<(), Error
> {
470 use pxar
::format
::mode
;
472 let file_mode
= stat
.st_mode
& libc
::S_IFMT
;
473 let open_mode
= if file_mode
== libc
::S_IFREG
|| file_mode
== libc
::S_IFDIR
{
479 let fd
= self.open_file(
482 open_mode
| OFlag
::O_RDONLY
| OFlag
::O_NOFOLLOW
| OFlag
::O_CLOEXEC
| OFlag
::O_NOCTTY
,
488 None
=> return Ok(()),
491 let metadata
= get_metadata(fd
.as_raw_fd(), &stat
, self.flags(), self.fs_magic
)?
;
495 .matches(self.path
.as_os_str().as_bytes(), Some(stat
.st_mode
as u32))
496 == Some(MatchType
::Exclude
)
501 let file_name
: &Path
= OsStr
::from_bytes(c_file_name
.to_bytes()).as_ref();
502 match metadata
.file_type() {
504 let link_info
= HardLinkInfo
{
509 if stat
.st_nlink
> 1 {
510 if let Some((path
, offset
)) = self.hardlinks
.get(&link_info
) {
511 if let Some(ref mut catalog
) = self.catalog
{
512 catalog
.add_hardlink(c_file_name
)?
;
515 encoder
.add_hardlink(file_name
, path
, *offset
)?
;
521 let file_size
= stat
.st_size
as u64;
522 if let Some(ref mut catalog
) = self.catalog
{
523 catalog
.add_file(c_file_name
, file_size
, stat
.st_mtime
as u64)?
;
526 let offset
: LinkOffset
=
527 self.add_regular_file(encoder
, fd
, file_name
, &metadata
, file_size
)?
;
529 if stat
.st_nlink
> 1 {
530 self.hardlinks
.insert(link_info
, (self.path
.clone(), offset
));
536 let dir
= Dir
::from_fd(fd
.into_raw_fd())?
;
538 if let Some(ref mut catalog
) = self.catalog
{
539 catalog
.start_directory(c_file_name
)?
;
541 let result
= self.add_directory(encoder
, dir
, c_file_name
, &metadata
, stat
);
542 if let Some(ref mut catalog
) = self.catalog
{
543 catalog
.end_directory()?
;
548 if let Some(ref mut catalog
) = self.catalog
{
549 catalog
.add_socket(c_file_name
)?
;
552 Ok(encoder
.add_socket(&metadata
, file_name
)?
)
555 if let Some(ref mut catalog
) = self.catalog
{
556 catalog
.add_fifo(c_file_name
)?
;
559 Ok(encoder
.add_fifo(&metadata
, file_name
)?
)
562 if let Some(ref mut catalog
) = self.catalog
{
563 catalog
.add_symlink(c_file_name
)?
;
566 self.add_symlink(encoder
, fd
, file_name
, &metadata
)
569 if let Some(ref mut catalog
) = self.catalog
{
570 catalog
.add_block_device(c_file_name
)?
;
573 self.add_device(encoder
, file_name
, &metadata
, &stat
)
576 if let Some(ref mut catalog
) = self.catalog
{
577 catalog
.add_char_device(c_file_name
)?
;
580 self.add_device(encoder
, file_name
, &metadata
, &stat
)
583 "encountered unknown file type: 0x{:x} (0o{:o})",
592 encoder
: &mut Encoder
,
597 ) -> Result
<(), Error
> {
598 let dir_name
= OsStr
::from_bytes(dir_name
.to_bytes());
600 let mut encoder
= encoder
.create_directory(dir_name
, &metadata
)?
;
602 let old_fs_magic
= self.fs_magic
;
603 let old_fs_feature_flags
= self.fs_feature_flags
;
604 let old_st_dev
= self.current_st_dev
;
606 let mut skip_contents
= false;
607 if old_st_dev
!= stat
.st_dev
{
608 self.fs_magic
= detect_fs_type(dir
.as_raw_fd())?
;
609 self.fs_feature_flags
= Flags
::from_magic(self.fs_magic
);
610 self.current_st_dev
= stat
.st_dev
;
612 if is_virtual_file_system(self.fs_magic
) {
613 skip_contents
= true;
614 } else if let Some(set
) = &self.device_set
{
615 skip_contents
= !set
.contains(&stat
.st_dev
);
619 let result
= if skip_contents
{
622 self.archive_dir_contents(&mut encoder
, dir
, false)
625 self.fs_magic
= old_fs_magic
;
626 self.fs_feature_flags
= old_fs_feature_flags
;
627 self.current_st_dev
= old_st_dev
;
635 encoder
: &mut Encoder
,
640 ) -> Result
<LinkOffset
, Error
> {
641 let mut file
= unsafe { std::fs::File::from_raw_fd(fd.into_raw_fd()) }
;
642 let mut remaining
= file_size
;
643 let mut out
= encoder
.create_file(metadata
, file_name
, file_size
)?
;
644 while remaining
!= 0 {
645 let mut got
= file
.read(&mut self.file_copy_buffer
[..])?
;
646 if got
as u64 > remaining
{
647 self.report_file_grew_while_reading()?
;
648 got
= remaining
as usize;
650 out
.write_all(&self.file_copy_buffer
[..got
])?
;
651 remaining
-= got
as u64;
654 self.report_file_shrunk_while_reading()?
;
655 let to_zero
= remaining
.min(self.file_copy_buffer
.len() as u64) as usize;
656 vec
::clear(&mut self.file_copy_buffer
[..to_zero
]);
657 while remaining
!= 0 {
658 let fill
= remaining
.min(self.file_copy_buffer
.len() as u64) as usize;
659 out
.write_all(&self.file_copy_buffer
[..fill
])?
;
660 remaining
-= fill
as u64;
664 Ok(out
.file_offset())
669 encoder
: &mut Encoder
,
673 ) -> Result
<(), Error
> {
674 let dest
= nix
::fcntl
::readlinkat(fd
.as_raw_fd(), &b
""[..])?
;
675 encoder
.add_symlink(metadata
, file_name
, dest
)?
;
681 encoder
: &mut Encoder
,
685 ) -> Result
<(), Error
> {
686 Ok(encoder
.add_device(
689 pxar
::format
::Device
::from_dev_t(stat
.st_rdev
),
694 fn get_metadata(fd
: RawFd
, stat
: &FileStat
, flags
: Flags
, fs_magic
: i64) -> Result
<Metadata
, Error
> {
695 // required for some of these
696 let proc_path
= Path
::new("/proc/self/fd/").join(fd
.to_string());
698 let mut meta
= Metadata
{
700 mode
: u64::from(stat
.st_mode
),
704 mtime
: pxar
::format
::StatxTimestamp
{
706 nanos
: stat
.st_mtime_nsec
as u32,
712 get_xattr_fcaps_acl(&mut meta
, fd
, &proc_path
, flags
)?
;
713 get_chattr(&mut meta
, fd
)?
;
714 get_fat_attr(&mut meta
, fd
, fs_magic
)?
;
715 get_quota_project_id(&mut meta
, fd
, flags
, fs_magic
)?
;
719 fn get_fcaps(meta
: &mut Metadata
, fd
: RawFd
, flags
: Flags
) -> Result
<(), Error
> {
720 if flags
.contains(Flags
::WITH_FCAPS
) {
724 match xattr
::fgetxattr(fd
, xattr
::xattr_name_fcaps()) {
726 meta
.fcaps
= Some(pxar
::format
::FCaps { data }
);
729 Err(Errno
::ENODATA
) => Ok(()),
730 Err(Errno
::EOPNOTSUPP
) => Ok(()),
731 Err(Errno
::EBADF
) => Ok(()), // symlinks
732 Err(err
) => bail
!("failed to read file capabilities: {}", err
),
736 fn get_xattr_fcaps_acl(
741 ) -> Result
<(), Error
> {
742 if flags
.contains(Flags
::WITH_XATTRS
) {
746 let xattrs
= match xattr
::flistxattr(fd
) {
748 Err(Errno
::EOPNOTSUPP
) => return Ok(()),
749 Err(Errno
::EBADF
) => return Ok(()), // symlinks
750 Err(err
) => bail
!("failed to read xattrs: {}", err
),
753 for attr
in &xattrs
{
754 if xattr
::is_security_capability(&attr
) {
755 get_fcaps(meta
, fd
, flags
)?
;
759 if xattr
::is_acl(&attr
) {
760 get_acl(meta
, proc_path
, flags
)?
;
764 if !xattr
::is_valid_xattr_name(&attr
) {
768 match xattr
::fgetxattr(fd
, attr
) {
771 .push(pxar
::format
::XAttr
::new(attr
.to_bytes(), data
)),
772 Err(Errno
::ENODATA
) => (), // it got removed while we were iterating...
773 Err(Errno
::EOPNOTSUPP
) => (), // shouldn't be possible so just ignore this
774 Err(Errno
::EBADF
) => (), // symlinks, shouldn't be able to reach this either
775 Err(err
) => bail
!("error reading extended attribute {:?}: {}", attr
, err
),
782 fn get_chattr(metadata
: &mut Metadata
, fd
: RawFd
) -> Result
<(), Error
> {
783 let mut attr
: libc
::c_long
= 0;
785 match unsafe { fs::read_attr_fd(fd, &mut attr) }
{
787 Err(nix
::Error
::Sys(errno
)) if errno_is_unsupported(errno
) => {
790 Err(err
) => bail
!("failed to read file attributes: {}", err
),
793 metadata
.stat
.flags
|= Flags
::from_chattr(attr
).bits();
798 fn get_fat_attr(metadata
: &mut Metadata
, fd
: RawFd
, fs_magic
: i64) -> Result
<(), Error
> {
799 use proxmox
::sys
::linux
::magic
::*;
801 if fs_magic
!= MSDOS_SUPER_MAGIC
&& fs_magic
!= FUSE_SUPER_MAGIC
{
805 let mut attr
: u32 = 0;
807 match unsafe { fs::read_fat_attr_fd(fd, &mut attr) }
{
809 Err(nix
::Error
::Sys(errno
)) if errno_is_unsupported(errno
) => {
812 Err(err
) => bail
!("failed to read fat attributes: {}", err
),
815 metadata
.stat
.flags
|= Flags
::from_fat_attr(attr
).bits();
820 /// Read the quota project id for an inode, supported on ext4/XFS/FUSE/ZFS filesystems
821 fn get_quota_project_id(
822 metadata
: &mut Metadata
,
826 ) -> Result
<(), Error
> {
827 if !(metadata
.is_dir() || metadata
.is_regular_file()) {
831 if flags
.contains(Flags
::WITH_QUOTA_PROJID
) {
835 use proxmox
::sys
::linux
::magic
::*;
838 EXT4_SUPER_MAGIC
| XFS_SUPER_MAGIC
| FUSE_SUPER_MAGIC
| ZFS_SUPER_MAGIC
=> (),
842 let mut fsxattr
= fs
::FSXAttr
::default();
843 let res
= unsafe { fs::fs_ioc_fsgetxattr(fd, &mut fsxattr) }
;
845 // On some FUSE filesystems it can happen that ioctl is not supported.
846 // For these cases projid is set to 0 while the error is ignored.
847 if let Err(err
) = res
{
850 .ok_or_else(|| format_err
!("error while reading quota project id"))?
;
851 if errno_is_unsupported(errno
) {
854 bail
!("error while reading quota project id ({})", errno
);
858 let projid
= fsxattr
.fsx_projid
as u64;
860 metadata
.quota_project_id
= Some(pxar
::format
::QuotaProjectId { projid }
);
865 fn get_acl(metadata
: &mut Metadata
, proc_path
: &Path
, flags
: Flags
) -> Result
<(), Error
> {
866 if flags
.contains(Flags
::WITH_ACL
) {
870 if metadata
.is_symlink() {
874 get_acl_do(metadata
, proc_path
, acl
::ACL_TYPE_ACCESS
)?
;
876 if metadata
.is_dir() {
877 get_acl_do(metadata
, proc_path
, acl
::ACL_TYPE_DEFAULT
)?
;
884 metadata
: &mut Metadata
,
886 acl_type
: acl
::ACLType
,
887 ) -> Result
<(), Error
> {
888 // In order to be able to get ACLs with type ACL_TYPE_DEFAULT, we have
889 // to create a path for acl_get_file(). acl_get_fd() only allows to get
890 // ACL_TYPE_ACCESS attributes.
891 let acl
= match acl
::ACL
::get_file(&proc_path
, acl_type
) {
893 // Don't bail if underlying endpoint does not support acls
894 Err(Errno
::EOPNOTSUPP
) => return Ok(()),
895 // Don't bail if the endpoint cannot carry acls
896 Err(Errno
::EBADF
) => return Ok(()),
897 // Don't bail if there is no data
898 Err(Errno
::ENODATA
) => return Ok(()),
899 Err(err
) => bail
!("error while reading ACL - {}", err
),
902 process_acl(metadata
, acl
, acl_type
)
906 metadata
: &mut Metadata
,
908 acl_type
: acl
::ACLType
,
909 ) -> Result
<(), Error
> {
910 use pxar
::format
::acl
as pxar_acl
;
911 use pxar
::format
::acl
::{Group, GroupObject, Permissions, User}
;
913 let mut acl_user
= Vec
::new();
914 let mut acl_group
= Vec
::new();
915 let mut acl_group_obj
= None
;
916 let mut acl_default
= None
;
917 let mut user_obj_permissions
= None
;
918 let mut group_obj_permissions
= None
;
919 let mut other_permissions
= None
;
920 let mut mask_permissions
= None
;
922 for entry
in &mut acl
.entries() {
923 let tag
= entry
.get_tag_type()?
;
924 let permissions
= entry
.get_permissions()?
;
926 acl
::ACL_USER_OBJ
=> user_obj_permissions
= Some(Permissions(permissions
)),
927 acl
::ACL_GROUP_OBJ
=> group_obj_permissions
= Some(Permissions(permissions
)),
928 acl
::ACL_OTHER
=> other_permissions
= Some(Permissions(permissions
)),
929 acl
::ACL_MASK
=> mask_permissions
= Some(Permissions(permissions
)),
932 uid
: entry
.get_qualifier()?
,
933 permissions
: Permissions(permissions
),
937 acl_group
.push(Group
{
938 gid
: entry
.get_qualifier()?
,
939 permissions
: Permissions(permissions
),
942 _
=> bail
!("Unexpected ACL tag encountered!"),
950 acl
::ACL_TYPE_ACCESS
=> {
951 // The mask permissions are mapped to the stat group permissions
952 // in case that the ACL group permissions were set.
953 // Only in that case we need to store the group permissions,
954 // in the other cases they are identical to the stat group permissions.
955 if let (Some(gop
), true) = (group_obj_permissions
, mask_permissions
.is_some()) {
956 acl_group_obj
= Some(GroupObject { permissions: gop }
);
959 metadata
.acl
.users
= acl_user
;
960 metadata
.acl
.groups
= acl_group
;
962 acl
::ACL_TYPE_DEFAULT
=> {
963 if user_obj_permissions
!= None
964 || group_obj_permissions
!= None
965 || other_permissions
!= None
966 || mask_permissions
!= None
968 acl_default
= Some(pxar_acl
::Default
{
969 // The value is set to UINT64_MAX as placeholder if one
970 // of the permissions is not set
971 user_obj_permissions
: user_obj_permissions
.unwrap_or(Permissions
::NO_MASK
),
972 group_obj_permissions
: group_obj_permissions
.unwrap_or(Permissions
::NO_MASK
),
973 other_permissions
: other_permissions
.unwrap_or(Permissions
::NO_MASK
),
974 mask_permissions
: mask_permissions
.unwrap_or(Permissions
::NO_MASK
),
978 metadata
.acl
.default_users
= acl_user
;
979 metadata
.acl
.default_groups
= acl_group
;
981 _
=> bail
!("Unexpected ACL type encountered"),
984 metadata
.acl
.group_obj
= acl_group_obj
;
985 metadata
.acl
.default = acl_default
;
990 /// Note that our pattern lists are "positive". `MatchType::Include` means the file is included.
991 /// Since we are generating an *exclude* list, we need to invert this, so includes get a `'!'`
993 fn generate_pxar_excludes_cli(patterns
: &[MatchEntry
]) -> Vec
<u8> {
994 use pathpatterns
::{MatchFlag, MatchPattern}
;
996 let mut content
= Vec
::new();
998 for pattern
in patterns
{
999 match pattern
.match_type() {
1000 MatchType
::Include
=> content
.push(b'
!'
),
1001 MatchType
::Exclude
=> (),
1004 match pattern
.pattern() {
1005 MatchPattern
::Literal(lit
) => content
.extend(lit
),
1006 MatchPattern
::Pattern(pat
) => content
.extend(pat
.pattern().to_bytes()),
1009 if pattern
.match_flags() == MatchFlag
::MATCH_DIRECTORIES
&& content
.last() != Some(&b'
/'
) {
1013 content
.push(b'
\n'
);