use failure::*;
use endian_trait::Endian;
-use std::collections::HashMap;
+use std::collections::{HashSet, HashMap};
use super::format_definition::*;
use super::binary_search_tree::*;
+use super::helper::*;
+use super::exclude_pattern::*;
+use crate::tools::fs;
+use crate::tools::acl;
use crate::tools::xattr;
use std::io::Write;
use nix::errno::Errno;
use nix::sys::stat::FileStat;
+use proxmox::tools::vec;
+
/// The format requires to build sorted directory lookup tables in
/// memory, so we restrict the number of allowed entries to limit
/// maximum memory usage.
writer_pos: usize,
_size: usize,
file_copy_buffer: Vec<u8>,
- all_file_systems: bool,
- root_st_dev: u64,
+ device_set: Option<HashSet<u64>>,
verbose: bool,
+ // Flags set by the user
feature_flags: u64,
+ // Flags signaling features supported by the filesystem
+ fs_feature_flags: u64,
hardlinks: HashMap<HardLinkInfo, (PathBuf, u64)>,
}
self.base_path.join(&self.relative_path)
}
+ /// Create archive, write result data to ``writer``.
+ ///
+ /// The ``device_set`` can be use used to limit included mount points.
+ ///
+ /// - ``None``: include all mount points
+ /// - ``Some(set)``: only include devices listed in this set (the
+ /// root path device is automathically added to this list, so
+ /// you can pass an empty set if you want to archive a single
+ /// mount point.)
pub fn encode(
path: PathBuf,
dir: &mut nix::dir::Dir,
writer: &'a mut W,
- all_file_systems: bool,
+ device_set: Option<HashSet<u64>>,
verbose: bool,
- no_xattrs: bool,
- no_fcaps: bool,
+ feature_flags: u64,
) -> Result<(), Error> {
const FILE_COPY_BUFFER_SIZE: usize = 1024*1024;
// todo: use scandirat??
let dir_fd = dir.as_raw_fd();
- let stat = match nix::sys::stat::fstat(dir_fd) {
- Ok(stat) => stat,
- Err(err) => bail!("fstat {:?} failed - {}", path, err),
- };
+ let stat = nix::sys::stat::fstat(dir_fd)
+ .map_err(|err| format_err!("fstat {:?} failed - {}", path, err))?;
- if (stat.st_mode & libc::S_IFMT) != libc::S_IFDIR {
+ if !is_directory(&stat) {
bail!("got unexpected file type {:?} (not a directory)", path);
}
+ let mut device_set = device_set.clone();
+ if let Some(ref mut set) = device_set {
+ set.insert(stat.st_dev);
+ }
+
let magic = detect_fs_type(dir_fd)?;
if is_virtual_file_system(magic) {
bail!("backup virtual file systems is disabled!");
}
- let mut feature_flags = CA_FORMAT_DEFAULT;
- if no_xattrs {
- feature_flags ^= CA_FORMAT_WITH_XATTRS;
- }
- if no_fcaps {
- feature_flags ^= CA_FORMAT_WITH_FCAPS;
- }
+
+ let fs_feature_flags = feature_flags_from_magic(magic);
let mut me = Self {
base_path: path,
writer_pos: 0,
_size: 0,
file_copy_buffer,
- all_file_systems,
- root_st_dev: stat.st_dev,
+ device_set,
verbose,
feature_flags,
+ fs_feature_flags,
hardlinks: HashMap::new(),
};
if verbose { println!("{:?}", me.full_path()); }
- me.encode_dir(dir, &stat, magic)?;
+ me.encode_dir(dir, &stat, magic, Vec::new())?;
Ok(())
}
fn create_entry(&self, stat: &FileStat) -> Result<CaFormatEntry, Error> {
- let mode = if (stat.st_mode & libc::S_IFMT) == libc::S_IFLNK {
+ let mode = if is_symlink(&stat) {
(libc::S_IFLNK | 0o777) as u64
} else {
(stat.st_mode & (libc::S_IFMT | 0o7777)) as u64
let mut attr: usize = 0;
- let res = unsafe { read_attr_fd(fd, &mut attr)};
+ let res = unsafe { fs::read_attr_fd(fd, &mut attr)};
if let Err(err) = res {
if let nix::Error::Sys(errno) = err {
if errno_is_unsupported(errno) { return Ok(()) };
let mut attr: u32 = 0;
- let res = unsafe { read_fat_attr_fd(fd, &mut attr)};
+ let res = unsafe { fs::read_fat_attr_fd(fd, &mut attr)};
if let Err(err) = res {
if let nix::Error::Sys(errno) = err {
if errno_is_unsupported(errno) { return Ok(()) };
Ok(())
}
+ /// True if all of the given feature flags are set in the Encoder, false otherwise
fn has_features(&self, feature_flags: u64) -> bool {
- (self.feature_flags & feature_flags) == feature_flags
+ (self.feature_flags & self.fs_feature_flags & feature_flags) == feature_flags
+ }
+
+ /// True if at least one of the given feature flags is set in the Encoder, false otherwise
+ fn has_some_features(&self, feature_flags: u64) -> bool {
+ (self.feature_flags & self.fs_feature_flags & feature_flags) != 0
}
- fn read_xattrs(&self, fd: RawFd, stat: &FileStat, entry: &CaFormatEntry) -> Result<(Vec<CaFormatXAttr>, Option<CaFormatFCaps>), Error> {
+ fn read_xattrs(&self, fd: RawFd, stat: &FileStat) -> Result<(Vec<CaFormatXAttr>, Option<CaFormatFCaps>), Error> {
let mut xattrs = Vec::new();
let mut fcaps = None;
let flags = CA_FORMAT_WITH_XATTRS | CA_FORMAT_WITH_FCAPS;
- if !self.has_features(flags) { return Ok((xattrs, fcaps)); }
+ if !self.has_some_features(flags) {
+ return Ok((xattrs, fcaps));
+ }
// Should never be called on symlinks, just in case check anyway
- if (stat.st_mode & libc::S_IFMT) == libc::S_IFLNK { return Ok((xattrs, fcaps)); }
+ if is_symlink(&stat) {
+ return Ok((xattrs, fcaps));
+ }
let xattr_names = match xattr::flistxattr(fd) {
Ok(names) => names,
+ // Do not bail if the underlying endpoint does not supports xattrs
Err(Errno::EOPNOTSUPP) => return Ok((xattrs, fcaps)),
+ // Do not bail if the endpoint cannot carry xattrs (such as symlinks)
Err(Errno::EBADF) => return Ok((xattrs, fcaps)),
Err(err) => bail!("read_xattrs failed for {:?} - {}", self.full_path(), err),
};
- for name in xattr_names.split(|c| *c == '\0' as u8) {
+ for name in xattr_names.split(|c| *c == b'\0') {
// Only extract the relevant extended attributes
- if !xattr::name_store(&name) { continue; }
+ if !xattr::is_valid_xattr_name(&name) {
+ continue;
+ }
let value = match xattr::fgetxattr(fd, name) {
Ok(value) => value,
Err(err) => bail!("read_xattrs failed for {:?} - {}", self.full_path(), err),
};
- if xattr::security_capability(&name) {
- // fcaps are stored in own format within the archive
- fcaps = Some(CaFormatFCaps {
- data: value,
- });
- } else {
+ if xattr::is_security_capability(&name) {
+ if self.has_features(CA_FORMAT_WITH_FCAPS) {
+ // fcaps are stored in own format within the archive
+ fcaps = Some(CaFormatFCaps {
+ data: value,
+ });
+ }
+ } else if self.has_features(CA_FORMAT_WITH_XATTRS) {
xattrs.push(CaFormatXAttr {
name: name.to_vec(),
value: value,
Ok((xattrs, fcaps))
}
+ fn read_acl(&self, fd: RawFd, stat: &FileStat, acl_type: acl::ACLType) -> Result<PxarACL, Error> {
+ let ret = PxarACL {
+ users: Vec::new(),
+ groups: Vec::new(),
+ group_obj: None,
+ default: None,
+ };
+
+ if !self.has_features(CA_FORMAT_WITH_ACL) {
+ return Ok(ret);
+ }
+ if is_symlink(&stat) {
+ return Ok(ret);
+ }
+ if acl_type == acl::ACL_TYPE_DEFAULT && !is_directory(&stat) {
+ bail!("ACL_TYPE_DEFAULT only defined for directories.");
+ }
+
+ // In order to be able to get ACLs with type ACL_TYPE_DEFAULT, we have
+ // to create a path for acl_get_file(). acl_get_fd() only allows to get
+ // ACL_TYPE_ACCESS attributes.
+ let proc_path = Path::new("/proc/self/fd/").join(fd.to_string());
+ let acl = match acl::ACL::get_file(&proc_path, acl_type) {
+ Ok(acl) => acl,
+ // Don't bail if underlying endpoint does not support acls
+ Err(Errno::EOPNOTSUPP) => return Ok(ret),
+ // Don't bail if the endpoint cannot carry acls
+ Err(Errno::EBADF) => return Ok(ret),
+ // Don't bail if there is no data
+ Err(Errno::ENODATA) => return Ok(ret),
+ Err(err) => bail!("error while reading ACL - {}", err),
+ };
+
+ self.process_acl(acl, acl_type)
+ }
+
+ fn process_acl(&self, acl: acl::ACL, acl_type: acl::ACLType) -> Result<PxarACL, Error> {
+ let mut acl_user = Vec::new();
+ let mut acl_group = Vec::new();
+ let mut acl_group_obj = None;
+ let mut acl_default = None;
+ let mut user_obj_permissions = None;
+ let mut group_obj_permissions = None;
+ let mut other_permissions = None;
+ let mut mask_permissions = None;
+
+ for entry in &mut acl.entries() {
+ let tag = entry.get_tag_type()?;
+ let permissions = entry.get_permissions()?;
+ match tag {
+ acl::ACL_USER_OBJ => user_obj_permissions = Some(permissions),
+ acl::ACL_GROUP_OBJ => group_obj_permissions = Some(permissions),
+ acl::ACL_OTHER => other_permissions = Some(permissions),
+ acl::ACL_MASK => mask_permissions = Some(permissions),
+ acl::ACL_USER => {
+ acl_user.push(CaFormatACLUser {
+ uid: entry.get_qualifier()?,
+ permissions: permissions,
+ });
+ },
+ acl::ACL_GROUP => {
+ acl_group.push(CaFormatACLGroup {
+ gid: entry.get_qualifier()?,
+ permissions: permissions,
+ });
+ },
+ _ => bail!("Unexpected ACL tag encountered!"),
+ }
+ }
+
+ acl_user.sort();
+ acl_group.sort();
+
+ match acl_type {
+ acl::ACL_TYPE_ACCESS => {
+ // The mask permissions are mapped to the stat group permissions
+ // in case that the ACL group permissions were set.
+ // Only in that case we need to store the group permissions,
+ // in the other cases they are identical to the stat group permissions.
+ if let (Some(gop), Some(_)) = (group_obj_permissions, mask_permissions) {
+ acl_group_obj = Some(CaFormatACLGroupObj {
+ permissions: gop,
+ });
+ }
+ },
+ acl::ACL_TYPE_DEFAULT => {
+ if user_obj_permissions != None ||
+ group_obj_permissions != None ||
+ other_permissions != None ||
+ mask_permissions != None
+ {
+ acl_default = Some(CaFormatACLDefault {
+ // The value is set to UINT64_MAX as placeholder if one
+ // of the permissions is not set
+ user_obj_permissions: user_obj_permissions.unwrap_or(std::u64::MAX),
+ group_obj_permissions: group_obj_permissions.unwrap_or(std::u64::MAX),
+ other_permissions: other_permissions.unwrap_or(std::u64::MAX),
+ mask_permissions: mask_permissions.unwrap_or(std::u64::MAX),
+ });
+ }
+ },
+ _ => bail!("Unexpected ACL type encountered"),
+ }
+
+ Ok(PxarACL {
+ users: acl_user,
+ groups: acl_group,
+ group_obj: acl_group_obj,
+ default: acl_default,
+ })
+ }
+
+ /// Read the project quota id for an inode, supported on ext4/XFS/FUSE/(ZFS TODO impl) filesystems
+ fn read_quota_project_id(&self, fd: RawFd, magic: i64, stat: &FileStat) -> Result<Option<CaFormatQuotaProjID>, Error> {
+ if !(is_directory(&stat) || is_reg_file(&stat)) {
+ return Ok(None);
+ }
+ if !self.has_features(CA_FORMAT_WITH_QUOTA_PROJID) {
+ return Ok(None);
+ }
+
+ match magic {
+ //TODO ZFS quota
+ EXT4_SUPER_MAGIC | XFS_SUPER_MAGIC | FUSE_SUPER_MAGIC => {
+ let mut fsxattr = fs::FSXAttr::default();
+ let res = unsafe {
+ fs::fs_ioc_fsgetxattr(fd, &mut fsxattr)
+ };
+
+ // On some FUSE filesystems it can happen that ioctl is not supported.
+ // For these cases projid is set to 0 while the error is ignored.
+ if let Err(err) = res {
+ let errno = err.as_errno().ok_or_else(|| {
+ format_err!("error while reading quota project id for {:#?}", self.full_path())
+ })?;
+ if errno_is_unsupported(errno) {
+ return Ok(None);
+ } else {
+ bail!("error while reading quota project id for {:#?} - {}", self.full_path(), errno);
+ }
+ }
+
+ let projid = fsxattr.fsx_projid as u64;
+ if projid == 0 {
+ return Ok(None);
+ } else {
+ return Ok(Some(CaFormatQuotaProjID { projid }));
+ }
+ },
+ _ => return Ok(None),
+ }
+ }
+
fn write_entry(&mut self, entry: CaFormatEntry) -> Result<(), Error> {
self.write_header(CA_FORMAT_ENTRY, std::mem::size_of::<CaFormatEntry>() as u64)?;
Ok(())
}
+ fn write_acl_user(&mut self, acl_user: CaFormatACLUser) -> Result<(), Error> {
+ self.write_header(CA_FORMAT_ACL_USER, std::mem::size_of::<CaFormatACLUser>() as u64)?;
+ self.write_item(acl_user)?;
+
+ Ok(())
+ }
+
+ fn write_acl_group(&mut self, acl_group: CaFormatACLGroup) -> Result<(), Error> {
+ self.write_header(CA_FORMAT_ACL_GROUP, std::mem::size_of::<CaFormatACLGroup>() as u64)?;
+ self.write_item(acl_group)?;
+
+ Ok(())
+ }
+
+ fn write_acl_group_obj(&mut self, acl_group_obj: CaFormatACLGroupObj) -> Result<(), Error> {
+ self.write_header(CA_FORMAT_ACL_GROUP_OBJ, std::mem::size_of::<CaFormatACLGroupObj>() as u64)?;
+ self.write_item(acl_group_obj)?;
+
+ Ok(())
+ }
+
+ fn write_acl_default(&mut self, acl_default: CaFormatACLDefault) -> Result<(), Error> {
+ self.write_header(CA_FORMAT_ACL_DEFAULT, std::mem::size_of::<CaFormatACLDefault>() as u64)?;
+ self.write_item(acl_default)?;
+
+ Ok(())
+ }
+
+ fn write_acl_default_user(&mut self, acl_default_user: CaFormatACLUser) -> Result<(), Error> {
+ self.write_header(CA_FORMAT_ACL_DEFAULT_USER, std::mem::size_of::<CaFormatACLUser>() as u64)?;
+ self.write_item(acl_default_user)?;
+
+ Ok(())
+ }
+
+ fn write_acl_default_group(&mut self, acl_default_group: CaFormatACLGroup) -> Result<(), Error> {
+ self.write_header(CA_FORMAT_ACL_DEFAULT_GROUP, std::mem::size_of::<CaFormatACLGroup>() as u64)?;
+ self.write_item(acl_default_group)?;
+
+ Ok(())
+ }
+
+ fn write_quota_project_id(&mut self, projid: CaFormatQuotaProjID) -> Result<(), Error> {
+ self.write_header(CA_FORMAT_QUOTA_PROJID, std::mem::size_of::<CaFormatQuotaProjID>() as u64)?;
+ self.write_item(projid)?;
+
+ Ok(())
+ }
+
fn write_goodbye_table(&mut self, goodbye_offset: usize, goodbye_items: &mut [CaFormatGoodbyeItem]) -> Result<(), Error> {
goodbye_items.sort_unstable_by(|a, b| a.hash.cmp(&b.hash));
Ok(())
}
- fn encode_dir(&mut self, dir: &mut nix::dir::Dir, dir_stat: &FileStat, magic: i64) -> Result<(), Error> {
+ fn encode_dir(&mut self, dir: &mut nix::dir::Dir, dir_stat: &FileStat, magic: i64, match_pattern: Vec<PxarExcludePattern>) -> Result<(), Error> {
//println!("encode_dir: {:?} start {}", self.full_path(), self.writer_pos);
self.read_chattr(rawfd, &mut dir_entry)?;
self.read_fat_attr(rawfd, magic, &mut dir_entry)?;
- let (xattrs, fcaps) = self.read_xattrs(rawfd, &dir_stat, &dir_entry)?;
+
+ // for each node in the directory tree, the filesystem features are
+ // checked based on the fs magic number.
+ self.fs_feature_flags = feature_flags_from_magic(magic);
+
+ let (xattrs, fcaps) = self.read_xattrs(rawfd, &dir_stat)?;
+ let acl_access = self.read_acl(rawfd, &dir_stat, acl::ACL_TYPE_ACCESS)?;
+ let acl_default = self.read_acl(rawfd, &dir_stat, acl::ACL_TYPE_DEFAULT)?;
+ let projid = self.read_quota_project_id(rawfd, magic, &dir_stat)?;
self.write_entry(dir_entry)?;
- for xattr in xattrs { self.write_xattr(xattr)?; }
+ for xattr in xattrs {
+ self.write_xattr(xattr)?;
+ }
self.write_fcaps(fcaps)?;
- let mut dir_count = 0;
+ for user in acl_access.users {
+ self.write_acl_user(user)?;
+ }
+ for group in acl_access.groups {
+ self.write_acl_group(group)?;
+ }
+ if let Some(group_obj) = acl_access.group_obj {
+ self.write_acl_group_obj(group_obj)?;
+ }
+
+ for default_user in acl_default.users {
+ self.write_acl_default_user(default_user)?;
+ }
+ for default_group in acl_default.groups {
+ self.write_acl_default_group(default_group)?;
+ }
+ if let Some(default) = acl_default.default {
+ self.write_acl_default(default)?;
+ }
+ if let Some(projid) = projid {
+ self.write_quota_project_id(projid)?;
+ }
let include_children;
if is_virtual_file_system(magic) {
include_children = false;
} else {
- include_children = (self.root_st_dev == dir_stat.st_dev) || self.all_file_systems;
+ if let Some(set) = &self.device_set {
+ include_children = set.contains(&dir_stat.st_dev);
+ } else {
+ include_children = true;
+ }
}
+ // Expand the exclude match pattern inherited from the parent by local entries, if present
+ let mut local_match_pattern = match_pattern.clone();
+ let pxar_exclude = match PxarExcludePattern::from_file(rawfd, ".pxarexclude") {
+ Ok(Some((mut excludes, buffer, stat))) => {
+ local_match_pattern.append(&mut excludes);
+ Some((buffer, stat))
+ },
+ Ok(None) => None,
+ Err(err) => bail!("error while reading exclude file - {}", err),
+ };
+
if include_children {
for entry in dir.iter() {
- dir_count += 1;
- if dir_count > MAX_DIRECTORY_ENTRIES {
- bail!("too many directory items in {:?} (> {})",
- self.full_path(), MAX_DIRECTORY_ENTRIES);
+ let entry = entry.map_err(|err| {
+ format_err!("readir {:?} failed - {}", self.full_path(), err)
+ })?;
+ let filename = entry.file_name().to_owned();
+
+ let name = filename.to_bytes_with_nul();
+ if name == b".\0" || name == b"..\0" {
+ continue;
}
- let entry = match entry {
- Ok(entry) => entry,
- Err(err) => bail!("readir {:?} failed - {}", self.full_path(), err),
+ let stat = match nix::sys::stat::fstatat(rawfd, filename.as_ref(), nix::fcntl::AtFlags::AT_SYMLINK_NOFOLLOW) {
+ Ok(stat) => stat,
+ Err(nix::Error::Sys(Errno::ENOENT)) => {
+ let filename_osstr = std::ffi::OsStr::from_bytes(filename.to_bytes());
+ self.report_vanished_file(&self.full_path().join(filename_osstr))?;
+ continue;
+ },
+ Err(err) => bail!("fstat {:?} failed - {}", self.full_path(), err),
};
- let filename = entry.file_name().to_owned();
- let name = filename.to_bytes_with_nul();
- let name_len = name.len();
- if name_len == 2 && name[0] == b'.' && name[1] == 0u8 { continue; }
- if name_len == 3 && name[0] == b'.' && name[1] == b'.' && name[2] == 0u8 { continue; }
+ match match_exclude_pattern(&filename, &stat, &local_match_pattern) {
+ (MatchType::Exclude, _) => {
+ let filename_osstr = std::ffi::OsStr::from_bytes(filename.to_bytes());
+ eprintln!("matched by .pxarexclude entry - skipping: {:?}", self.full_path().join(filename_osstr));
+ },
+ (_, child_pattern) => name_list.push((filename, stat, child_pattern)),
+ }
- name_list.push(filename);
+ if name_list.len() > MAX_DIRECTORY_ENTRIES {
+ bail!("too many directory items in {:?} (> {})", self.full_path(), MAX_DIRECTORY_ENTRIES);
+ }
}
} else {
eprintln!("skip mount point: {:?}", self.full_path());
}
- name_list.sort_unstable_by(|a, b| a.cmp(&b));
+ name_list.sort_unstable_by(|a, b| a.0.cmp(&b.0));
let mut goodbye_items = vec![];
- for filename in &name_list {
- self.relative_path.push(std::ffi::OsStr::from_bytes(filename.as_bytes()));
+ for (filename, stat, exclude_list) in name_list {
+ let start_pos = self.writer_pos;
- if self.verbose { println!("{:?}", self.full_path()); }
+ if filename.as_bytes() == b".pxarexclude" {
+ if let Some((ref content, ref stat)) = pxar_exclude {
+ let filefd = match nix::fcntl::openat(rawfd, filename.as_ref(), OFlag::O_NOFOLLOW, Mode::empty()) {
+ Ok(filefd) => filefd,
+ Err(nix::Error::Sys(Errno::ENOENT)) => {
+ self.report_vanished_file(&self.full_path())?;
+ continue;
+ },
+ Err(err) => {
+ let filename_osstr = std::ffi::OsStr::from_bytes(filename.to_bytes());
+ bail!("open file {:?} failed - {}", self.full_path().join(filename_osstr), err);
+ },
+ };
+
+ let child_magic = if dir_stat.st_dev != stat.st_dev {
+ detect_fs_type(filefd)?
+ } else {
+ magic
+ };
- let stat = match nix::sys::stat::fstatat(rawfd, filename.as_ref(), nix::fcntl::AtFlags::AT_SYMLINK_NOFOLLOW) {
- Ok(stat) => stat,
- Err(nix::Error::Sys(Errno::ENOENT)) => {
- self.report_vanished_file(&self.full_path())?;
+ self.write_filename(&filename)?;
+ self.encode_pxar_exclude(filefd, stat, child_magic, content)?;
continue;
}
- Err(err) => bail!("fstat {:?} failed - {}", self.full_path(), err),
- };
+ }
- let start_pos = self.writer_pos;
+ self.relative_path.push(std::ffi::OsStr::from_bytes(filename.as_bytes()));
- let ifmt = stat.st_mode & libc::S_IFMT;
+ if self.verbose { println!("{:?}", self.full_path()); }
- if ifmt == libc::S_IFDIR {
+ if is_directory(&stat) {
let mut dir = match nix::dir::Dir::openat(rawfd, filename.as_ref(), OFlag::O_DIRECTORY|OFlag::O_NOFOLLOW, Mode::empty()) {
Ok(dir) => dir,
};
self.write_filename(&filename)?;
- self.encode_dir(&mut dir, &stat, child_magic)?;
+ self.encode_dir(&mut dir, &stat, child_magic, exclude_list)?;
- } else if ifmt == libc::S_IFREG {
+ } else if is_reg_file(&stat) {
let mut hardlink_target = None;
res?;
}
- } else if ifmt == libc::S_IFLNK {
- let mut buffer = [0u8; libc::PATH_MAX as usize];
+ } else if is_symlink(&stat) {
+ let mut buffer = vec::undefined(libc::PATH_MAX as usize);
let res = filename.with_nix_path(|cstr| {
unsafe { libc::readlinkat(rawfd, cstr.as_ptr(), buffer.as_mut_ptr() as *mut libc::c_char, buffer.len()-1) }
}
Err(err) => bail!("readlink {:?} failed - {}", self.full_path(), err),
}
- } else if (ifmt == libc::S_IFBLK) || (ifmt == libc::S_IFCHR) {
+ } else if is_block_dev(&stat) || is_char_dev(&stat) {
self.write_filename(&filename)?;
self.encode_device(&stat)?;
- } else if (ifmt == libc::S_IFIFO) || (ifmt == libc::S_IFSOCK) {
+ } else if is_fifo(&stat) || is_socket(&stat) {
self.write_filename(&filename)?;
self.encode_special(&stat)?;
} else {
self.read_chattr(filefd, &mut entry)?;
self.read_fat_attr(filefd, magic, &mut entry)?;
- let (xattrs, fcaps) = self.read_xattrs(filefd, &stat, &entry)?;
+ let (xattrs, fcaps) = self.read_xattrs(filefd, &stat)?;
+ let acl_access = self.read_acl(filefd, &stat, acl::ACL_TYPE_ACCESS)?;
+ let projid = self.read_quota_project_id(filefd, magic, &stat)?;
self.write_entry(entry)?;
- for xattr in xattrs { self.write_xattr(xattr)?; }
+ for xattr in xattrs {
+ self.write_xattr(xattr)?;
+ }
self.write_fcaps(fcaps)?;
+ for user in acl_access.users {
+ self.write_acl_user(user)?;
+ }
+ for group in acl_access.groups {
+ self.write_acl_group(group)?;
+ }
+ if let Some(group_obj) = acl_access.group_obj {
+ self.write_acl_group_obj(group_obj)?;
+ }
+ if let Some(projid) = projid {
+ self.write_quota_project_id(projid)?;
+ }
let include_payload;
if is_virtual_file_system(magic) {
include_payload = false;
} else {
- include_payload = (stat.st_dev == self.root_st_dev) || self.all_file_systems;
+ if let Some(ref set) = &self.device_set {
+ include_payload = set.contains(&stat.st_dev);
+ } else {
+ include_payload = true;
+ }
}
if !include_payload {
Ok(())
}
+ fn encode_pxar_exclude(&mut self, filefd: RawFd, stat: &FileStat, magic: i64, content: &[u8]) -> Result<(), Error> {
+ let mut entry = self.create_entry(&stat)?;
+
+ self.read_chattr(filefd, &mut entry)?;
+ self.read_fat_attr(filefd, magic, &mut entry)?;
+ let (xattrs, fcaps) = self.read_xattrs(filefd, &stat)?;
+ let acl_access = self.read_acl(filefd, &stat, acl::ACL_TYPE_ACCESS)?;
+ let projid = self.read_quota_project_id(filefd, magic, &stat)?;
+
+ self.write_entry(entry)?;
+ for xattr in xattrs {
+ self.write_xattr(xattr)?;
+ }
+ self.write_fcaps(fcaps)?;
+ for user in acl_access.users {
+ self.write_acl_user(user)?;
+ }
+ for group in acl_access.groups {
+ self.write_acl_group(group)?;
+ }
+ if let Some(group_obj) = acl_access.group_obj {
+ self.write_acl_group_obj(group_obj)?;
+ }
+ if let Some(projid) = projid {
+ self.write_quota_project_id(projid)?;
+ }
+
+ let include_payload;
+ if is_virtual_file_system(magic) {
+ include_payload = false;
+ } else {
+ if let Some(set) = &self.device_set {
+ include_payload = set.contains(&stat.st_dev);
+ } else {
+ include_payload = true;
+ }
+ }
+
+ if !include_payload {
+ eprintln!("skip content: {:?}", self.full_path());
+ self.write_header(CA_FORMAT_PAYLOAD, 0)?;
+ return Ok(());
+ }
+
+ let size = content.len();
+ self.write_header(CA_FORMAT_PAYLOAD, size as u64)?;
+ self.writer.write_all(content)?;
+ self.writer_pos += size;
+
+ Ok(())
+ }
+
// the report_XXX method may raise and error - depending on encoder configuration
fn report_vanished_file(&self, path: &Path) -> Result<(), Error> {
}
}
+// If there is a match, an updated PxarExcludePattern list to pass to the matched child is returned.
+fn match_exclude_pattern(
+ filename: &CStr,
+ stat: &FileStat,
+ match_pattern: &Vec<PxarExcludePattern>
+) -> (MatchType, Vec<PxarExcludePattern>) {
+ let mut child_pattern = Vec::new();
+ let mut match_state = MatchType::None;
+
+ for pattern in match_pattern {
+ match pattern.matches_filename(filename, is_directory(&stat)) {
+ MatchType::None => {},
+ MatchType::Exclude => match_state = MatchType::Exclude,
+ MatchType::Include => match_state = MatchType::Include,
+ MatchType::PartialExclude => {
+ if match_state != MatchType::Exclude && match_state != MatchType::Include {
+ match_state = MatchType::PartialExclude;
+ }
+ child_pattern.push(pattern.get_rest_pattern());
+ },
+ MatchType::PartialInclude => {
+ if match_state != MatchType::Exclude && match_state != MatchType::Include {
+ match_state = MatchType::PartialInclude;
+ }
+ child_pattern.push(pattern.get_rest_pattern());
+ },
+ }
+ }
+
+ (match_state, child_pattern)
+}
+
fn errno_is_unsupported(errno: Errno) -> bool {
match errno {
Ok(fs_stat.f_type)
}
-use nix::{convert_ioctl_res, request_code_read, ioc};
-
-// /usr/include/linux/fs.h: #define FS_IOC_GETFLAGS _IOR('f', 1, long)
-/// read Linux file system attributes (see man chattr)
-nix::ioctl_read!(read_attr_fd, b'f', 1, usize);
-
-// /usr/include/linux/msdos_fs.h: #define FAT_IOCTL_GET_ATTRIBUTES _IOR('r', 0x10, __u32)
-// read FAT file system attributes
-nix::ioctl_read!(read_fat_attr_fd, b'r', 0x10, u32);
-
-
-// from /usr/include/linux/magic.h
-// and from casync util.h
-pub const BINFMTFS_MAGIC: i64 = 0x42494e4d;
-pub const CGROUP2_SUPER_MAGIC: i64 = 0x63677270;
-pub const CGROUP_SUPER_MAGIC: i64 = 0x0027e0eb;
-pub const CONFIGFS_MAGIC: i64 = 0x62656570;
-pub const DEBUGFS_MAGIC: i64 = 0x64626720;
-pub const DEVPTS_SUPER_MAGIC: i64 = 0x00001cd1;
-pub const EFIVARFS_MAGIC: i64 = 0xde5e81e4;
-pub const FUSE_CTL_SUPER_MAGIC: i64 = 0x65735543;
-pub const HUGETLBFS_MAGIC: i64 = 0x958458f6;
-pub const MQUEUE_MAGIC: i64 = 0x19800202;
-pub const NFSD_MAGIC: i64 = 0x6e667364;
-pub const PROC_SUPER_MAGIC: i64 = 0x00009fa0;
-pub const PSTOREFS_MAGIC: i64 = 0x6165676C;
-pub const RPCAUTH_GSSMAGIC: i64 = 0x67596969;
-pub const SECURITYFS_MAGIC: i64 = 0x73636673;
-pub const SELINUX_MAGIC: i64 = 0xf97cff8c;
-pub const SMACK_MAGIC: i64 = 0x43415d53;
-pub const RAMFS_MAGIC: i64 = 0x858458f6;
-pub const TMPFS_MAGIC: i64 = 0x01021994;
-pub const SYSFS_MAGIC: i64 = 0x62656572;
-pub const MSDOS_SUPER_MAGIC: i64 = 0x00004d44;
-pub const FUSE_SUPER_MAGIC: i64 = 0x65735546;
-
-
#[inline(always)]
pub fn is_temporary_file_system(magic: i64) -> bool {
magic == RAMFS_MAGIC || magic == TMPFS_MAGIC