]>
Commit | Line | Data |
---|---|---|
c443f58b | 1 | use std::collections::{HashSet, HashMap}; |
c443f58b WB |
2 | use std::ffi::{CStr, CString, OsStr}; |
3 | use std::fmt; | |
a8e2940f | 4 | use std::io::{self, Read, Write}; |
c443f58b WB |
5 | use std::os::unix::ffi::OsStrExt; |
6 | use std::os::unix::io::{AsRawFd, FromRawFd, IntoRawFd, RawFd}; | |
7 | use std::path::{Path, PathBuf}; | |
6afb60ab | 8 | use std::sync::{Arc, Mutex}; |
c443f58b WB |
9 | |
10 | use anyhow::{bail, format_err, Error}; | |
11 | use nix::dir::Dir; | |
12 | use nix::errno::Errno; | |
13 | use nix::fcntl::OFlag; | |
14 | use nix::sys::stat::{FileStat, Mode}; | |
6afb60ab SR |
15 | use futures::future::BoxFuture; |
16 | use futures::FutureExt; | |
c443f58b | 17 | |
8d841f81 | 18 | use pathpatterns::{MatchEntry, MatchFlag, MatchList, MatchType, PatternFlag}; |
c443f58b | 19 | use pxar::Metadata; |
6afb60ab | 20 | use pxar::encoder::{SeqWrite, LinkOffset}; |
c443f58b | 21 | |
3d68536f | 22 | use proxmox::c_str; |
c443f58b WB |
23 | use proxmox::sys::error::SysError; |
24 | use proxmox::tools::fd::RawFdNum; | |
a8e2940f | 25 | use proxmox::tools::vec; |
c443f58b | 26 | |
f323e906 | 27 | use pbs_datastore::catalog::BackupCatalogWriter; |
770a36e5 WB |
28 | use pbs_tools::fs; |
29 | ||
032cd1b8 | 30 | use crate::pxar::metadata::errno_is_unsupported; |
5444fa94 | 31 | use crate::pxar::Flags; |
7eacdc76 | 32 | use crate::pxar::tools::assert_single_path_component; |
770a36e5 | 33 | use crate::tools::{acl, xattr, Fd}; |
c443f58b | 34 | |
77486a60 FG |
35 | /// Pxar options for creating a pxar archive/stream |
36 | #[derive(Default, Clone)] | |
37 | pub struct PxarCreateOptions { | |
38 | /// Device/mountpoint st_dev numbers that should be included. None for no limitation. | |
39 | pub device_set: Option<HashSet<u64>>, | |
40 | /// Exclusion patterns | |
41 | pub patterns: Vec<MatchEntry>, | |
42 | /// Maximum number of entries to hold in memory | |
43 | pub entries_max: usize, | |
44 | /// Skip lost+found directory | |
45 | pub skip_lost_and_found: bool, | |
46 | /// Verbose output | |
47 | pub verbose: bool, | |
48 | } | |
49 | ||
50 | ||
c443f58b WB |
51 | fn detect_fs_type(fd: RawFd) -> Result<i64, Error> { |
52 | let mut fs_stat = std::mem::MaybeUninit::uninit(); | |
53 | let res = unsafe { libc::fstatfs(fd, fs_stat.as_mut_ptr()) }; | |
54 | Errno::result(res)?; | |
55 | let fs_stat = unsafe { fs_stat.assume_init() }; | |
56 | ||
57 | Ok(fs_stat.f_type) | |
58 | } | |
59 | ||
a8e2940f | 60 | #[rustfmt::skip] |
c443f58b WB |
61 | pub fn is_virtual_file_system(magic: i64) -> bool { |
62 | use proxmox::sys::linux::magic::*; | |
63 | ||
a6bd6698 | 64 | matches!(magic, BINFMTFS_MAGIC | |
c443f58b WB |
65 | CGROUP2_SUPER_MAGIC | |
66 | CGROUP_SUPER_MAGIC | | |
67 | CONFIGFS_MAGIC | | |
68 | DEBUGFS_MAGIC | | |
69 | DEVPTS_SUPER_MAGIC | | |
70 | EFIVARFS_MAGIC | | |
71 | FUSE_CTL_SUPER_MAGIC | | |
72 | HUGETLBFS_MAGIC | | |
73 | MQUEUE_MAGIC | | |
74 | NFSD_MAGIC | | |
75 | PROC_SUPER_MAGIC | | |
76 | PSTOREFS_MAGIC | | |
77 | RPCAUTH_GSSMAGIC | | |
78 | SECURITYFS_MAGIC | | |
79 | SELINUX_MAGIC | | |
80 | SMACK_MAGIC | | |
a6bd6698 | 81 | SYSFS_MAGIC) |
c443f58b WB |
82 | } |
83 | ||
84 | #[derive(Debug)] | |
85 | struct ArchiveError { | |
86 | path: PathBuf, | |
87 | error: Error, | |
88 | } | |
89 | ||
90 | impl ArchiveError { | |
91 | fn new(path: PathBuf, error: Error) -> Self { | |
92 | Self { path, error } | |
93 | } | |
94 | } | |
95 | ||
96 | impl std::error::Error for ArchiveError {} | |
97 | ||
98 | impl fmt::Display for ArchiveError { | |
99 | fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { | |
100 | write!(f, "error at {:?}: {}", self.path, self.error) | |
101 | } | |
102 | } | |
103 | ||
104 | #[derive(Eq, PartialEq, Hash)] | |
105 | struct HardLinkInfo { | |
106 | st_dev: u64, | |
107 | st_ino: u64, | |
108 | } | |
109 | ||
47208b41 WB |
110 | /// TODO: make a builder for the create_archive call for fewer parameters and add a method to add a |
111 | /// logger which does not write to stderr. | |
112 | struct Logger; | |
113 | ||
114 | impl std::io::Write for Logger { | |
115 | fn write(&mut self, data: &[u8]) -> io::Result<usize> { | |
116 | std::io::stderr().write(data) | |
117 | } | |
118 | ||
119 | fn flush(&mut self) -> io::Result<()> { | |
120 | std::io::stderr().flush() | |
121 | } | |
122 | } | |
123 | ||
124 | /// And the error case. | |
3d68536f WB |
125 | struct ErrorReporter; |
126 | ||
127 | impl std::io::Write for ErrorReporter { | |
128 | fn write(&mut self, data: &[u8]) -> io::Result<usize> { | |
129 | std::io::stderr().write(data) | |
130 | } | |
131 | ||
132 | fn flush(&mut self) -> io::Result<()> { | |
133 | std::io::stderr().flush() | |
134 | } | |
135 | } | |
136 | ||
6afb60ab | 137 | struct Archiver { |
5444fa94 WB |
138 | feature_flags: Flags, |
139 | fs_feature_flags: Flags, | |
c443f58b | 140 | fs_magic: i64, |
3d68536f | 141 | patterns: Vec<MatchEntry>, |
6afb60ab SR |
142 | callback: Box<dyn FnMut(&Path) -> Result<(), Error> + Send>, |
143 | catalog: Option<Arc<Mutex<dyn BackupCatalogWriter + Send>>>, | |
c443f58b WB |
144 | path: PathBuf, |
145 | entry_counter: usize, | |
146 | entry_limit: usize, | |
147 | current_st_dev: libc::dev_t, | |
148 | device_set: Option<HashSet<u64>>, | |
149 | hardlinks: HashMap<HardLinkInfo, (PathBuf, LinkOffset)>, | |
3d68536f | 150 | errors: ErrorReporter, |
47208b41 | 151 | logger: Logger, |
a8e2940f | 152 | file_copy_buffer: Vec<u8>, |
c443f58b WB |
153 | } |
154 | ||
6afb60ab | 155 | type Encoder<'a, T> = pxar::encoder::aio::Encoder<'a, T>; |
c443f58b | 156 | |
6afb60ab | 157 | pub async fn create_archive<T, F>( |
c443f58b WB |
158 | source_dir: Dir, |
159 | mut writer: T, | |
5444fa94 | 160 | feature_flags: Flags, |
6afb60ab SR |
161 | callback: F, |
162 | catalog: Option<Arc<Mutex<dyn BackupCatalogWriter + Send>>>, | |
77486a60 | 163 | options: PxarCreateOptions, |
c443f58b WB |
164 | ) -> Result<(), Error> |
165 | where | |
6afb60ab SR |
166 | T: SeqWrite + Send, |
167 | F: FnMut(&Path) -> Result<(), Error> + Send + 'static, | |
c443f58b WB |
168 | { |
169 | let fs_magic = detect_fs_type(source_dir.as_raw_fd())?; | |
170 | if is_virtual_file_system(fs_magic) { | |
171 | bail!("refusing to backup a virtual file system"); | |
172 | } | |
173 | ||
5667b763 | 174 | let mut fs_feature_flags = Flags::from_magic(fs_magic); |
c443f58b WB |
175 | |
176 | let stat = nix::sys::stat::fstat(source_dir.as_raw_fd())?; | |
177 | let metadata = get_metadata( | |
178 | source_dir.as_raw_fd(), | |
179 | &stat, | |
180 | feature_flags & fs_feature_flags, | |
181 | fs_magic, | |
5667b763 | 182 | &mut fs_feature_flags, |
c443f58b WB |
183 | ) |
184 | .map_err(|err| format_err!("failed to get metadata for source directory: {}", err))?; | |
185 | ||
77486a60 | 186 | let mut device_set = options.device_set.clone(); |
c443f58b WB |
187 | if let Some(ref mut set) = device_set { |
188 | set.insert(stat.st_dev); | |
189 | } | |
190 | ||
6afb60ab | 191 | let mut encoder = Encoder::new(&mut writer, &metadata).await?; |
c443f58b | 192 | |
340c0bf9 | 193 | let mut patterns = options.patterns; |
77486a60 FG |
194 | |
195 | if options.skip_lost_and_found { | |
239e49f9 | 196 | patterns.push(MatchEntry::parse_pattern( |
bf7e2a46 | 197 | "lost+found", |
c443f58b WB |
198 | PatternFlag::PATH_NAME, |
199 | MatchType::Exclude, | |
200 | )?); | |
201 | } | |
202 | ||
203 | let mut archiver = Archiver { | |
204 | feature_flags, | |
205 | fs_feature_flags, | |
206 | fs_magic, | |
6afb60ab | 207 | callback: Box::new(callback), |
3d68536f | 208 | patterns, |
c443f58b WB |
209 | catalog, |
210 | path: PathBuf::new(), | |
211 | entry_counter: 0, | |
77486a60 | 212 | entry_limit: options.entries_max, |
c443f58b WB |
213 | current_st_dev: stat.st_dev, |
214 | device_set, | |
215 | hardlinks: HashMap::new(), | |
3d68536f | 216 | errors: ErrorReporter, |
47208b41 | 217 | logger: Logger, |
a8e2940f | 218 | file_copy_buffer: vec::undefined(4 * 1024 * 1024), |
c443f58b WB |
219 | }; |
220 | ||
6afb60ab SR |
221 | archiver.archive_dir_contents(&mut encoder, source_dir, true).await?; |
222 | encoder.finish().await?; | |
c443f58b WB |
223 | Ok(()) |
224 | } | |
225 | ||
226 | struct FileListEntry { | |
227 | name: CString, | |
228 | path: PathBuf, | |
229 | stat: FileStat, | |
230 | } | |
231 | ||
6afb60ab | 232 | impl Archiver { |
5444fa94 WB |
233 | /// Get the currently effective feature flags. (Requested flags masked by the file system |
234 | /// feature flags). | |
235 | fn flags(&self) -> Flags { | |
c443f58b WB |
236 | self.feature_flags & self.fs_feature_flags |
237 | } | |
238 | ||
239 | fn wrap_err(&self, err: Error) -> Error { | |
240 | if err.downcast_ref::<ArchiveError>().is_some() { | |
241 | err | |
242 | } else { | |
243 | ArchiveError::new(self.path.clone(), err).into() | |
244 | } | |
245 | } | |
246 | ||
6afb60ab SR |
247 | fn archive_dir_contents<'a, 'b, T: SeqWrite + Send>( |
248 | &'a mut self, | |
249 | encoder: &'a mut Encoder<'b, T>, | |
30140886 WB |
250 | mut dir: Dir, |
251 | is_root: bool, | |
6afb60ab SR |
252 | ) -> BoxFuture<'a, Result<(), Error>> { |
253 | async move { | |
254 | let entry_counter = self.entry_counter; | |
c443f58b | 255 | |
6afb60ab SR |
256 | let old_patterns_count = self.patterns.len(); |
257 | self.read_pxar_excludes(dir.as_raw_fd())?; | |
3d68536f | 258 | |
6afb60ab | 259 | let mut file_list = self.generate_directory_file_list(&mut dir, is_root)?; |
fa4bcbca | 260 | |
6afb60ab SR |
261 | if is_root && old_patterns_count > 0 { |
262 | file_list.push(FileListEntry { | |
263 | name: CString::new(".pxarexclude-cli").unwrap(), | |
264 | path: PathBuf::new(), | |
265 | stat: unsafe { std::mem::zeroed() }, | |
266 | }); | |
267 | } | |
c443f58b | 268 | |
6afb60ab | 269 | let dir_fd = dir.as_raw_fd(); |
c443f58b | 270 | |
6afb60ab | 271 | let old_path = std::mem::take(&mut self.path); |
3d68536f | 272 | |
6afb60ab SR |
273 | for file_entry in file_list { |
274 | let file_name = file_entry.name.to_bytes(); | |
3d68536f | 275 | |
6afb60ab SR |
276 | if is_root && file_name == b".pxarexclude-cli" { |
277 | self.encode_pxarexclude_cli(encoder, &file_entry.name, old_patterns_count).await?; | |
278 | continue; | |
279 | } | |
3d68536f | 280 | |
6afb60ab SR |
281 | (self.callback)(&file_entry.path)?; |
282 | self.path = file_entry.path; | |
283 | self.add_entry(encoder, dir_fd, &file_entry.name, &file_entry.stat).await | |
284 | .map_err(|err| self.wrap_err(err))?; | |
285 | } | |
286 | self.path = old_path; | |
287 | self.entry_counter = entry_counter; | |
288 | self.patterns.truncate(old_patterns_count); | |
3d68536f | 289 | |
6afb60ab SR |
290 | Ok(()) |
291 | }.boxed() | |
3d68536f WB |
292 | } |
293 | ||
294 | /// openat() wrapper which allows but logs `EACCES` and turns `ENOENT` into `None`. | |
7d0754a6 WB |
295 | /// |
296 | /// The `existed` flag is set when iterating through a directory to note that we know the file | |
297 | /// is supposed to exist and we should warn if it doesnt'. | |
3d68536f WB |
298 | fn open_file( |
299 | &mut self, | |
300 | parent: RawFd, | |
301 | file_name: &CStr, | |
302 | oflags: OFlag, | |
7d0754a6 | 303 | existed: bool, |
3d68536f | 304 | ) -> Result<Option<Fd>, Error> { |
e51be338 WB |
305 | // common flags we always want to use: |
306 | let oflags = oflags | OFlag::O_CLOEXEC | OFlag::O_NOCTTY; | |
307 | ||
30c3c5d6 WB |
308 | let mut noatime = OFlag::O_NOATIME; |
309 | loop { | |
310 | return match Fd::openat( | |
311 | &unsafe { RawFdNum::from_raw_fd(parent) }, | |
312 | file_name, | |
313 | oflags | noatime, | |
314 | Mode::empty(), | |
315 | ) { | |
316 | Ok(fd) => Ok(Some(fd)), | |
317 | Err(nix::Error::Sys(Errno::ENOENT)) => { | |
318 | if existed { | |
319 | self.report_vanished_file()?; | |
320 | } | |
321 | Ok(None) | |
7d0754a6 | 322 | } |
30c3c5d6 WB |
323 | Err(nix::Error::Sys(Errno::EACCES)) => { |
324 | writeln!(self.errors, "failed to open file: {:?}: access denied", file_name)?; | |
325 | Ok(None) | |
326 | } | |
327 | Err(nix::Error::Sys(Errno::EPERM)) if !noatime.is_empty() => { | |
328 | // Retry without O_NOATIME: | |
329 | noatime = OFlag::empty(); | |
330 | continue; | |
331 | } | |
332 | Err(other) => Err(Error::from(other)), | |
3d68536f | 333 | } |
3d68536f WB |
334 | } |
335 | } | |
336 | ||
337 | fn read_pxar_excludes(&mut self, parent: RawFd) -> Result<(), Error> { | |
32a4695c WB |
338 | let fd = match self.open_file(parent, c_str!(".pxarexclude"), OFlag::O_RDONLY, false)? { |
339 | Some(fd) => fd, | |
340 | None => return Ok(()), | |
341 | }; | |
3d68536f WB |
342 | |
343 | let old_pattern_count = self.patterns.len(); | |
344 | ||
b25deec0 WB |
345 | let path_bytes = self.path.as_os_str().as_bytes(); |
346 | ||
32a4695c WB |
347 | let file = unsafe { std::fs::File::from_raw_fd(fd.into_raw_fd()) }; |
348 | ||
349 | use io::BufRead; | |
350 | for line in io::BufReader::new(file).split(b'\n') { | |
351 | let line = match line { | |
352 | Ok(line) => line, | |
353 | Err(err) => { | |
354 | let _ = writeln!( | |
355 | self.errors, | |
356 | "ignoring .pxarexclude after read error in {:?}: {}", | |
357 | self.path, | |
358 | err, | |
359 | ); | |
360 | self.patterns.truncate(old_pattern_count); | |
361 | return Ok(()); | |
362 | } | |
363 | }; | |
3d68536f | 364 | |
32a4695c | 365 | let line = crate::tools::strip_ascii_whitespace(&line); |
3d68536f | 366 | |
32a4695c WB |
367 | if line.is_empty() || line[0] == b'#' { |
368 | continue; | |
369 | } | |
3d68536f | 370 | |
32a4695c | 371 | let mut buf; |
8d841f81 | 372 | let (line, mode, anchored) = if line[0] == b'/' { |
32a4695c WB |
373 | buf = Vec::with_capacity(path_bytes.len() + 1 + line.len()); |
374 | buf.extend(path_bytes); | |
375 | buf.extend(line); | |
8d841f81 | 376 | (&buf[..], MatchType::Exclude, true) |
32a4695c WB |
377 | } else if line.starts_with(b"!/") { |
378 | // inverted case with absolute path | |
379 | buf = Vec::with_capacity(path_bytes.len() + line.len()); | |
380 | buf.extend(path_bytes); | |
381 | buf.extend(&line[1..]); // without the '!' | |
8d841f81 | 382 | (&buf[..], MatchType::Include, true) |
32a4695c | 383 | } else if line.starts_with(b"!") { |
8d841f81 | 384 | (&line[1..], MatchType::Include, false) |
32a4695c | 385 | } else { |
8d841f81 | 386 | (line, MatchType::Exclude, false) |
32a4695c WB |
387 | }; |
388 | ||
389 | match MatchEntry::parse_pattern(line, PatternFlag::PATH_NAME, mode) { | |
8d841f81 WB |
390 | Ok(pattern) => { |
391 | if anchored { | |
392 | self.patterns.push(pattern.add_flags(MatchFlag::ANCHORED)); | |
393 | } else { | |
394 | self.patterns.push(pattern); | |
395 | } | |
396 | } | |
32a4695c WB |
397 | Err(err) => { |
398 | let _ = writeln!(self.errors, "bad pattern in {:?}: {}", self.path, err); | |
3d68536f WB |
399 | } |
400 | } | |
401 | } | |
c443f58b WB |
402 | |
403 | Ok(()) | |
404 | } | |
405 | ||
6afb60ab | 406 | async fn encode_pxarexclude_cli<T: SeqWrite + Send>( |
30140886 | 407 | &mut self, |
6afb60ab | 408 | encoder: &mut Encoder<'_, T>, |
30140886 | 409 | file_name: &CStr, |
c9097ff8 | 410 | patterns_count: usize, |
30140886 | 411 | ) -> Result<(), Error> { |
c9097ff8 | 412 | let content = generate_pxar_excludes_cli(&self.patterns[..patterns_count]); |
6afb60ab SR |
413 | if let Some(ref catalog) = self.catalog { |
414 | catalog.lock().unwrap().add_file(file_name, content.len() as u64, 0)?; | |
30140886 WB |
415 | } |
416 | ||
417 | let mut metadata = Metadata::default(); | |
418 | metadata.stat.mode = pxar::format::mode::IFREG | 0o600; | |
419 | ||
6afb60ab SR |
420 | let mut file = encoder.create_file(&metadata, ".pxarexclude-cli", content.len() as u64).await?; |
421 | file.write_all(&content).await?; | |
30140886 WB |
422 | |
423 | Ok(()) | |
424 | } | |
425 | ||
426 | fn generate_directory_file_list( | |
427 | &mut self, | |
428 | dir: &mut Dir, | |
429 | is_root: bool, | |
430 | ) -> Result<Vec<FileListEntry>, Error> { | |
c443f58b WB |
431 | let dir_fd = dir.as_raw_fd(); |
432 | ||
433 | let mut file_list = Vec::new(); | |
434 | ||
435 | for file in dir.iter() { | |
436 | let file = file?; | |
437 | ||
438 | let file_name = file.file_name().to_owned(); | |
439 | let file_name_bytes = file_name.to_bytes(); | |
440 | if file_name_bytes == b"." || file_name_bytes == b".." { | |
441 | continue; | |
442 | } | |
443 | ||
30140886 WB |
444 | if is_root && file_name_bytes == b".pxarexclude-cli" { |
445 | continue; | |
446 | } | |
447 | ||
c443f58b | 448 | let os_file_name = OsStr::from_bytes(file_name_bytes); |
7eacdc76 | 449 | assert_single_path_component(os_file_name)?; |
c443f58b WB |
450 | let full_path = self.path.join(os_file_name); |
451 | ||
452 | let stat = match nix::sys::stat::fstatat( | |
453 | dir_fd, | |
454 | file_name.as_c_str(), | |
455 | nix::fcntl::AtFlags::AT_SYMLINK_NOFOLLOW, | |
456 | ) { | |
457 | Ok(stat) => stat, | |
458 | Err(ref err) if err.not_found() => continue, | |
459 | Err(err) => bail!("stat failed on {:?}: {}", full_path, err), | |
460 | }; | |
461 | ||
874bd545 | 462 | let match_path = PathBuf::from("/").join(full_path.clone()); |
c443f58b | 463 | if self |
239e49f9 | 464 | .patterns |
874bd545 | 465 | .matches(match_path.as_os_str().as_bytes(), Some(stat.st_mode as u32)) |
c443f58b WB |
466 | == Some(MatchType::Exclude) |
467 | { | |
468 | continue; | |
469 | } | |
470 | ||
471 | self.entry_counter += 1; | |
472 | if self.entry_counter > self.entry_limit { | |
473 | bail!("exceeded allowed number of file entries (> {})",self.entry_limit); | |
474 | } | |
475 | ||
476 | file_list.push(FileListEntry { | |
477 | name: file_name, | |
478 | path: full_path, | |
479 | stat | |
480 | }); | |
481 | } | |
482 | ||
483 | file_list.sort_unstable_by(|a, b| a.name.cmp(&b.name)); | |
484 | ||
485 | Ok(file_list) | |
486 | } | |
487 | ||
3d68536f | 488 | fn report_vanished_file(&mut self) -> Result<(), Error> { |
5afa0755 | 489 | writeln!(self.errors, "warning: file vanished while reading: {:?}", self.path)?; |
3d68536f WB |
490 | Ok(()) |
491 | } | |
492 | ||
a8e2940f | 493 | fn report_file_shrunk_while_reading(&mut self) -> Result<(), Error> { |
5afa0755 | 494 | writeln!( |
a8e2940f WB |
495 | self.errors, |
496 | "warning: file size shrunk while reading: {:?}, file will be padded with zeros!", | |
497 | self.path, | |
498 | )?; | |
499 | Ok(()) | |
500 | } | |
501 | ||
502 | fn report_file_grew_while_reading(&mut self) -> Result<(), Error> { | |
5afa0755 | 503 | writeln!( |
a8e2940f WB |
504 | self.errors, |
505 | "warning: file size increased while reading: {:?}, file will be truncated!", | |
506 | self.path, | |
507 | )?; | |
508 | Ok(()) | |
509 | } | |
510 | ||
6afb60ab | 511 | async fn add_entry<T: SeqWrite + Send>( |
c443f58b | 512 | &mut self, |
6afb60ab | 513 | encoder: &mut Encoder<'_, T>, |
c443f58b WB |
514 | parent: RawFd, |
515 | c_file_name: &CStr, | |
516 | stat: &FileStat, | |
517 | ) -> Result<(), Error> { | |
518 | use pxar::format::mode; | |
519 | ||
520 | let file_mode = stat.st_mode & libc::S_IFMT; | |
1008a69a | 521 | let open_mode = if file_mode == libc::S_IFREG || file_mode == libc::S_IFDIR { |
c443f58b | 522 | OFlag::empty() |
1008a69a WB |
523 | } else { |
524 | OFlag::O_PATH | |
c443f58b WB |
525 | }; |
526 | ||
3d68536f WB |
527 | let fd = self.open_file( |
528 | parent, | |
c443f58b | 529 | c_file_name, |
e51be338 | 530 | open_mode | OFlag::O_RDONLY | OFlag::O_NOFOLLOW, |
7d0754a6 | 531 | true, |
c443f58b WB |
532 | )?; |
533 | ||
3d68536f WB |
534 | let fd = match fd { |
535 | Some(fd) => fd, | |
7d0754a6 | 536 | None => return Ok(()), |
3d68536f WB |
537 | }; |
538 | ||
5667b763 | 539 | let metadata = get_metadata(fd.as_raw_fd(), &stat, self.flags(), self.fs_magic, &mut self.fs_feature_flags)?; |
c443f58b WB |
540 | |
541 | if self | |
239e49f9 | 542 | .patterns |
c443f58b WB |
543 | .matches(self.path.as_os_str().as_bytes(), Some(stat.st_mode as u32)) |
544 | == Some(MatchType::Exclude) | |
545 | { | |
546 | return Ok(()); | |
547 | } | |
548 | ||
549 | let file_name: &Path = OsStr::from_bytes(c_file_name.to_bytes()).as_ref(); | |
550 | match metadata.file_type() { | |
551 | mode::IFREG => { | |
552 | let link_info = HardLinkInfo { | |
553 | st_dev: stat.st_dev, | |
554 | st_ino: stat.st_ino, | |
555 | }; | |
556 | ||
557 | if stat.st_nlink > 1 { | |
558 | if let Some((path, offset)) = self.hardlinks.get(&link_info) { | |
6afb60ab SR |
559 | if let Some(ref catalog) = self.catalog { |
560 | catalog.lock().unwrap().add_hardlink(c_file_name)?; | |
c443f58b WB |
561 | } |
562 | ||
6afb60ab | 563 | encoder.add_hardlink(file_name, path, *offset).await?; |
c443f58b WB |
564 | |
565 | return Ok(()); | |
566 | } | |
567 | } | |
568 | ||
569 | let file_size = stat.st_size as u64; | |
6afb60ab SR |
570 | if let Some(ref catalog) = self.catalog { |
571 | catalog.lock().unwrap().add_file(c_file_name, file_size, stat.st_mtime)?; | |
c443f58b WB |
572 | } |
573 | ||
574 | let offset: LinkOffset = | |
6afb60ab | 575 | self.add_regular_file(encoder, fd, file_name, &metadata, file_size).await?; |
c443f58b WB |
576 | |
577 | if stat.st_nlink > 1 { | |
578 | self.hardlinks.insert(link_info, (self.path.clone(), offset)); | |
579 | } | |
580 | ||
581 | Ok(()) | |
582 | } | |
583 | mode::IFDIR => { | |
584 | let dir = Dir::from_fd(fd.into_raw_fd())?; | |
9321bbd1 | 585 | |
6afb60ab SR |
586 | if let Some(ref catalog) = self.catalog { |
587 | catalog.lock().unwrap().start_directory(c_file_name)?; | |
9321bbd1 | 588 | } |
6afb60ab SR |
589 | let result = self.add_directory(encoder, dir, c_file_name, &metadata, stat).await; |
590 | if let Some(ref catalog) = self.catalog { | |
591 | catalog.lock().unwrap().end_directory()?; | |
9321bbd1 WB |
592 | } |
593 | result | |
c443f58b WB |
594 | } |
595 | mode::IFSOCK => { | |
6afb60ab SR |
596 | if let Some(ref catalog) = self.catalog { |
597 | catalog.lock().unwrap().add_socket(c_file_name)?; | |
c443f58b WB |
598 | } |
599 | ||
6afb60ab | 600 | Ok(encoder.add_socket(&metadata, file_name).await?) |
c443f58b WB |
601 | } |
602 | mode::IFIFO => { | |
6afb60ab SR |
603 | if let Some(ref catalog) = self.catalog { |
604 | catalog.lock().unwrap().add_fifo(c_file_name)?; | |
c443f58b WB |
605 | } |
606 | ||
6afb60ab | 607 | Ok(encoder.add_fifo(&metadata, file_name).await?) |
c443f58b WB |
608 | } |
609 | mode::IFLNK => { | |
6afb60ab SR |
610 | if let Some(ref catalog) = self.catalog { |
611 | catalog.lock().unwrap().add_symlink(c_file_name)?; | |
c443f58b WB |
612 | } |
613 | ||
6afb60ab | 614 | self.add_symlink(encoder, fd, file_name, &metadata).await |
c443f58b WB |
615 | } |
616 | mode::IFBLK => { | |
6afb60ab SR |
617 | if let Some(ref catalog) = self.catalog { |
618 | catalog.lock().unwrap().add_block_device(c_file_name)?; | |
c443f58b WB |
619 | } |
620 | ||
6afb60ab | 621 | self.add_device(encoder, file_name, &metadata, &stat).await |
c443f58b WB |
622 | } |
623 | mode::IFCHR => { | |
6afb60ab SR |
624 | if let Some(ref catalog) = self.catalog { |
625 | catalog.lock().unwrap().add_char_device(c_file_name)?; | |
c443f58b WB |
626 | } |
627 | ||
6afb60ab | 628 | self.add_device(encoder, file_name, &metadata, &stat).await |
c443f58b WB |
629 | } |
630 | other => bail!( | |
631 | "encountered unknown file type: 0x{:x} (0o{:o})", | |
632 | other, | |
633 | other | |
634 | ), | |
635 | } | |
636 | } | |
637 | ||
6afb60ab | 638 | async fn add_directory<T: SeqWrite + Send>( |
c443f58b | 639 | &mut self, |
6afb60ab | 640 | encoder: &mut Encoder<'_, T>, |
c443f58b WB |
641 | dir: Dir, |
642 | dir_name: &CStr, | |
643 | metadata: &Metadata, | |
644 | stat: &FileStat, | |
645 | ) -> Result<(), Error> { | |
646 | let dir_name = OsStr::from_bytes(dir_name.to_bytes()); | |
647 | ||
6afb60ab | 648 | let mut encoder = encoder.create_directory(dir_name, &metadata).await?; |
c443f58b WB |
649 | |
650 | let old_fs_magic = self.fs_magic; | |
651 | let old_fs_feature_flags = self.fs_feature_flags; | |
652 | let old_st_dev = self.current_st_dev; | |
653 | ||
654 | let mut skip_contents = false; | |
655 | if old_st_dev != stat.st_dev { | |
656 | self.fs_magic = detect_fs_type(dir.as_raw_fd())?; | |
5444fa94 | 657 | self.fs_feature_flags = Flags::from_magic(self.fs_magic); |
c443f58b WB |
658 | self.current_st_dev = stat.st_dev; |
659 | ||
660 | if is_virtual_file_system(self.fs_magic) { | |
661 | skip_contents = true; | |
662 | } else if let Some(set) = &self.device_set { | |
663 | skip_contents = !set.contains(&stat.st_dev); | |
664 | } | |
665 | } | |
666 | ||
667 | let result = if skip_contents { | |
47208b41 | 668 | writeln!(self.logger, "skipping mount point: {:?}", self.path)?; |
c443f58b WB |
669 | Ok(()) |
670 | } else { | |
6afb60ab | 671 | self.archive_dir_contents(&mut encoder, dir, false).await |
c443f58b WB |
672 | }; |
673 | ||
674 | self.fs_magic = old_fs_magic; | |
675 | self.fs_feature_flags = old_fs_feature_flags; | |
676 | self.current_st_dev = old_st_dev; | |
677 | ||
6afb60ab | 678 | encoder.finish().await?; |
c443f58b WB |
679 | result |
680 | } | |
681 | ||
6afb60ab | 682 | async fn add_regular_file<T: SeqWrite + Send>( |
c443f58b | 683 | &mut self, |
6afb60ab | 684 | encoder: &mut Encoder<'_, T>, |
c443f58b WB |
685 | fd: Fd, |
686 | file_name: &Path, | |
687 | metadata: &Metadata, | |
688 | file_size: u64, | |
689 | ) -> Result<LinkOffset, Error> { | |
690 | let mut file = unsafe { std::fs::File::from_raw_fd(fd.into_raw_fd()) }; | |
a8e2940f | 691 | let mut remaining = file_size; |
6afb60ab | 692 | let mut out = encoder.create_file(metadata, file_name, file_size).await?; |
a8e2940f | 693 | while remaining != 0 { |
3c2dd8ad | 694 | let mut got = match file.read(&mut self.file_copy_buffer[..]) { |
e144810d | 695 | Ok(0) => break, |
3c2dd8ad DC |
696 | Ok(got) => got, |
697 | Err(err) if err.kind() == std::io::ErrorKind::Interrupted => continue, | |
698 | Err(err) => bail!(err), | |
699 | }; | |
a8e2940f WB |
700 | if got as u64 > remaining { |
701 | self.report_file_grew_while_reading()?; | |
702 | got = remaining as usize; | |
703 | } | |
6afb60ab | 704 | out.write_all(&self.file_copy_buffer[..got]).await?; |
a8e2940f WB |
705 | remaining -= got as u64; |
706 | } | |
707 | if remaining > 0 { | |
708 | self.report_file_shrunk_while_reading()?; | |
709 | let to_zero = remaining.min(self.file_copy_buffer.len() as u64) as usize; | |
710 | vec::clear(&mut self.file_copy_buffer[..to_zero]); | |
711 | while remaining != 0 { | |
712 | let fill = remaining.min(self.file_copy_buffer.len() as u64) as usize; | |
6afb60ab | 713 | out.write_all(&self.file_copy_buffer[..fill]).await?; |
a8e2940f WB |
714 | remaining -= fill as u64; |
715 | } | |
716 | } | |
717 | ||
718 | Ok(out.file_offset()) | |
c443f58b WB |
719 | } |
720 | ||
6afb60ab | 721 | async fn add_symlink<T: SeqWrite + Send>( |
c443f58b | 722 | &mut self, |
6afb60ab | 723 | encoder: &mut Encoder<'_, T>, |
c443f58b WB |
724 | fd: Fd, |
725 | file_name: &Path, | |
726 | metadata: &Metadata, | |
727 | ) -> Result<(), Error> { | |
728 | let dest = nix::fcntl::readlinkat(fd.as_raw_fd(), &b""[..])?; | |
6afb60ab | 729 | encoder.add_symlink(metadata, file_name, dest).await?; |
c443f58b WB |
730 | Ok(()) |
731 | } | |
732 | ||
6afb60ab | 733 | async fn add_device<T: SeqWrite + Send>( |
c443f58b | 734 | &mut self, |
6afb60ab | 735 | encoder: &mut Encoder<'_, T>, |
c443f58b WB |
736 | file_name: &Path, |
737 | metadata: &Metadata, | |
738 | stat: &FileStat, | |
739 | ) -> Result<(), Error> { | |
740 | Ok(encoder.add_device( | |
741 | metadata, | |
742 | file_name, | |
743 | pxar::format::Device::from_dev_t(stat.st_rdev), | |
6afb60ab | 744 | ).await?) |
c443f58b WB |
745 | } |
746 | } | |
747 | ||
5667b763 | 748 | fn get_metadata(fd: RawFd, stat: &FileStat, flags: Flags, fs_magic: i64, fs_feature_flags: &mut Flags) -> Result<Metadata, Error> { |
c443f58b WB |
749 | // required for some of these |
750 | let proc_path = Path::new("/proc/self/fd/").join(fd.to_string()); | |
751 | ||
c443f58b WB |
752 | let mut meta = Metadata { |
753 | stat: pxar::Stat { | |
754 | mode: u64::from(stat.st_mode), | |
755 | flags: 0, | |
756 | uid: stat.st_uid, | |
757 | gid: stat.st_gid, | |
b31cdec2 | 758 | mtime: pxar::format::StatxTimestamp::new(stat.st_mtime, stat.st_mtime_nsec as u32), |
c443f58b WB |
759 | }, |
760 | ..Default::default() | |
761 | }; | |
762 | ||
5667b763 | 763 | get_xattr_fcaps_acl(&mut meta, fd, &proc_path, flags, fs_feature_flags)?; |
c443f58b WB |
764 | get_chattr(&mut meta, fd)?; |
765 | get_fat_attr(&mut meta, fd, fs_magic)?; | |
766 | get_quota_project_id(&mut meta, fd, flags, fs_magic)?; | |
767 | Ok(meta) | |
768 | } | |
769 | ||
5667b763 | 770 | fn get_fcaps(meta: &mut Metadata, fd: RawFd, flags: Flags, fs_feature_flags: &mut Flags) -> Result<(), Error> { |
591b120d | 771 | if !flags.contains(Flags::WITH_FCAPS) { |
c443f58b WB |
772 | return Ok(()); |
773 | } | |
774 | ||
775 | match xattr::fgetxattr(fd, xattr::xattr_name_fcaps()) { | |
776 | Ok(data) => { | |
777 | meta.fcaps = Some(pxar::format::FCaps { data }); | |
778 | Ok(()) | |
779 | } | |
780 | Err(Errno::ENODATA) => Ok(()), | |
5667b763 DC |
781 | Err(Errno::EOPNOTSUPP) => { |
782 | fs_feature_flags.remove(Flags::WITH_FCAPS); | |
783 | Ok(()) | |
784 | } | |
c443f58b WB |
785 | Err(Errno::EBADF) => Ok(()), // symlinks |
786 | Err(err) => bail!("failed to read file capabilities: {}", err), | |
787 | } | |
788 | } | |
789 | ||
790 | fn get_xattr_fcaps_acl( | |
791 | meta: &mut Metadata, | |
792 | fd: RawFd, | |
793 | proc_path: &Path, | |
5444fa94 | 794 | flags: Flags, |
5667b763 | 795 | fs_feature_flags: &mut Flags, |
c443f58b | 796 | ) -> Result<(), Error> { |
591b120d | 797 | if !flags.contains(Flags::WITH_XATTRS) { |
c443f58b WB |
798 | return Ok(()); |
799 | } | |
800 | ||
801 | let xattrs = match xattr::flistxattr(fd) { | |
802 | Ok(names) => names, | |
5667b763 DC |
803 | Err(Errno::EOPNOTSUPP) => { |
804 | fs_feature_flags.remove(Flags::WITH_XATTRS); | |
805 | return Ok(()); | |
806 | }, | |
c443f58b WB |
807 | Err(Errno::EBADF) => return Ok(()), // symlinks |
808 | Err(err) => bail!("failed to read xattrs: {}", err), | |
809 | }; | |
810 | ||
811 | for attr in &xattrs { | |
812 | if xattr::is_security_capability(&attr) { | |
5667b763 | 813 | get_fcaps(meta, fd, flags, fs_feature_flags)?; |
c443f58b WB |
814 | continue; |
815 | } | |
816 | ||
817 | if xattr::is_acl(&attr) { | |
5667b763 | 818 | get_acl(meta, proc_path, flags, fs_feature_flags)?; |
c443f58b WB |
819 | continue; |
820 | } | |
821 | ||
822 | if !xattr::is_valid_xattr_name(&attr) { | |
823 | continue; | |
824 | } | |
825 | ||
826 | match xattr::fgetxattr(fd, attr) { | |
827 | Ok(data) => meta | |
828 | .xattrs | |
829 | .push(pxar::format::XAttr::new(attr.to_bytes(), data)), | |
830 | Err(Errno::ENODATA) => (), // it got removed while we were iterating... | |
831 | Err(Errno::EOPNOTSUPP) => (), // shouldn't be possible so just ignore this | |
832 | Err(Errno::EBADF) => (), // symlinks, shouldn't be able to reach this either | |
833 | Err(err) => bail!("error reading extended attribute {:?}: {}", attr, err), | |
834 | } | |
835 | } | |
836 | ||
837 | Ok(()) | |
838 | } | |
839 | ||
840 | fn get_chattr(metadata: &mut Metadata, fd: RawFd) -> Result<(), Error> { | |
032cd1b8 | 841 | let mut attr: libc::c_long = 0; |
c443f58b WB |
842 | |
843 | match unsafe { fs::read_attr_fd(fd, &mut attr) } { | |
844 | Ok(_) => (), | |
845 | Err(nix::Error::Sys(errno)) if errno_is_unsupported(errno) => { | |
846 | return Ok(()); | |
847 | } | |
848 | Err(err) => bail!("failed to read file attributes: {}", err), | |
849 | } | |
850 | ||
032cd1b8 | 851 | metadata.stat.flags |= Flags::from_chattr(attr).bits(); |
c443f58b WB |
852 | |
853 | Ok(()) | |
854 | } | |
855 | ||
856 | fn get_fat_attr(metadata: &mut Metadata, fd: RawFd, fs_magic: i64) -> Result<(), Error> { | |
857 | use proxmox::sys::linux::magic::*; | |
858 | ||
859 | if fs_magic != MSDOS_SUPER_MAGIC && fs_magic != FUSE_SUPER_MAGIC { | |
860 | return Ok(()); | |
861 | } | |
862 | ||
863 | let mut attr: u32 = 0; | |
864 | ||
865 | match unsafe { fs::read_fat_attr_fd(fd, &mut attr) } { | |
866 | Ok(_) => (), | |
867 | Err(nix::Error::Sys(errno)) if errno_is_unsupported(errno) => { | |
868 | return Ok(()); | |
869 | } | |
870 | Err(err) => bail!("failed to read fat attributes: {}", err), | |
871 | } | |
872 | ||
5444fa94 | 873 | metadata.stat.flags |= Flags::from_fat_attr(attr).bits(); |
c443f58b WB |
874 | |
875 | Ok(()) | |
876 | } | |
877 | ||
878 | /// Read the quota project id for an inode, supported on ext4/XFS/FUSE/ZFS filesystems | |
879 | fn get_quota_project_id( | |
880 | metadata: &mut Metadata, | |
881 | fd: RawFd, | |
5444fa94 | 882 | flags: Flags, |
c443f58b WB |
883 | magic: i64, |
884 | ) -> Result<(), Error> { | |
885 | if !(metadata.is_dir() || metadata.is_regular_file()) { | |
886 | return Ok(()); | |
887 | } | |
888 | ||
591b120d | 889 | if !flags.contains(Flags::WITH_QUOTA_PROJID) { |
c443f58b WB |
890 | return Ok(()); |
891 | } | |
892 | ||
893 | use proxmox::sys::linux::magic::*; | |
894 | ||
895 | match magic { | |
896 | EXT4_SUPER_MAGIC | XFS_SUPER_MAGIC | FUSE_SUPER_MAGIC | ZFS_SUPER_MAGIC => (), | |
897 | _ => return Ok(()), | |
898 | } | |
899 | ||
900 | let mut fsxattr = fs::FSXAttr::default(); | |
901 | let res = unsafe { fs::fs_ioc_fsgetxattr(fd, &mut fsxattr) }; | |
902 | ||
903 | // On some FUSE filesystems it can happen that ioctl is not supported. | |
904 | // For these cases projid is set to 0 while the error is ignored. | |
905 | if let Err(err) = res { | |
906 | let errno = err | |
907 | .as_errno() | |
908 | .ok_or_else(|| format_err!("error while reading quota project id"))?; | |
909 | if errno_is_unsupported(errno) { | |
910 | return Ok(()); | |
911 | } else { | |
912 | bail!("error while reading quota project id ({})", errno); | |
913 | } | |
914 | } | |
915 | ||
916 | let projid = fsxattr.fsx_projid as u64; | |
917 | if projid != 0 { | |
918 | metadata.quota_project_id = Some(pxar::format::QuotaProjectId { projid }); | |
919 | } | |
920 | Ok(()) | |
921 | } | |
922 | ||
5667b763 | 923 | fn get_acl(metadata: &mut Metadata, proc_path: &Path, flags: Flags, fs_feature_flags: &mut Flags) -> Result<(), Error> { |
591b120d | 924 | if !flags.contains(Flags::WITH_ACL) { |
c443f58b WB |
925 | return Ok(()); |
926 | } | |
927 | ||
928 | if metadata.is_symlink() { | |
929 | return Ok(()); | |
930 | } | |
931 | ||
5667b763 | 932 | get_acl_do(metadata, proc_path, acl::ACL_TYPE_ACCESS, fs_feature_flags)?; |
c443f58b WB |
933 | |
934 | if metadata.is_dir() { | |
5667b763 | 935 | get_acl_do(metadata, proc_path, acl::ACL_TYPE_DEFAULT, fs_feature_flags)?; |
c443f58b WB |
936 | } |
937 | ||
938 | Ok(()) | |
939 | } | |
940 | ||
941 | fn get_acl_do( | |
942 | metadata: &mut Metadata, | |
943 | proc_path: &Path, | |
944 | acl_type: acl::ACLType, | |
5667b763 | 945 | fs_feature_flags: &mut Flags, |
c443f58b WB |
946 | ) -> Result<(), Error> { |
947 | // In order to be able to get ACLs with type ACL_TYPE_DEFAULT, we have | |
948 | // to create a path for acl_get_file(). acl_get_fd() only allows to get | |
949 | // ACL_TYPE_ACCESS attributes. | |
950 | let acl = match acl::ACL::get_file(&proc_path, acl_type) { | |
951 | Ok(acl) => acl, | |
952 | // Don't bail if underlying endpoint does not support acls | |
5667b763 DC |
953 | Err(Errno::EOPNOTSUPP) => { |
954 | fs_feature_flags.remove(Flags::WITH_ACL); | |
955 | return Ok(()); | |
956 | } | |
c443f58b WB |
957 | // Don't bail if the endpoint cannot carry acls |
958 | Err(Errno::EBADF) => return Ok(()), | |
959 | // Don't bail if there is no data | |
960 | Err(Errno::ENODATA) => return Ok(()), | |
961 | Err(err) => bail!("error while reading ACL - {}", err), | |
962 | }; | |
963 | ||
964 | process_acl(metadata, acl, acl_type) | |
965 | } | |
966 | ||
967 | fn process_acl( | |
968 | metadata: &mut Metadata, | |
969 | acl: acl::ACL, | |
970 | acl_type: acl::ACLType, | |
971 | ) -> Result<(), Error> { | |
972 | use pxar::format::acl as pxar_acl; | |
973 | use pxar::format::acl::{Group, GroupObject, Permissions, User}; | |
974 | ||
975 | let mut acl_user = Vec::new(); | |
976 | let mut acl_group = Vec::new(); | |
977 | let mut acl_group_obj = None; | |
978 | let mut acl_default = None; | |
979 | let mut user_obj_permissions = None; | |
980 | let mut group_obj_permissions = None; | |
981 | let mut other_permissions = None; | |
982 | let mut mask_permissions = None; | |
983 | ||
984 | for entry in &mut acl.entries() { | |
985 | let tag = entry.get_tag_type()?; | |
986 | let permissions = entry.get_permissions()?; | |
987 | match tag { | |
988 | acl::ACL_USER_OBJ => user_obj_permissions = Some(Permissions(permissions)), | |
989 | acl::ACL_GROUP_OBJ => group_obj_permissions = Some(Permissions(permissions)), | |
990 | acl::ACL_OTHER => other_permissions = Some(Permissions(permissions)), | |
991 | acl::ACL_MASK => mask_permissions = Some(Permissions(permissions)), | |
992 | acl::ACL_USER => { | |
993 | acl_user.push(User { | |
994 | uid: entry.get_qualifier()?, | |
995 | permissions: Permissions(permissions), | |
996 | }); | |
997 | } | |
998 | acl::ACL_GROUP => { | |
999 | acl_group.push(Group { | |
1000 | gid: entry.get_qualifier()?, | |
1001 | permissions: Permissions(permissions), | |
1002 | }); | |
1003 | } | |
1004 | _ => bail!("Unexpected ACL tag encountered!"), | |
1005 | } | |
1006 | } | |
1007 | ||
1008 | acl_user.sort(); | |
1009 | acl_group.sort(); | |
1010 | ||
1011 | match acl_type { | |
1012 | acl::ACL_TYPE_ACCESS => { | |
1013 | // The mask permissions are mapped to the stat group permissions | |
1014 | // in case that the ACL group permissions were set. | |
1015 | // Only in that case we need to store the group permissions, | |
1016 | // in the other cases they are identical to the stat group permissions. | |
1017 | if let (Some(gop), true) = (group_obj_permissions, mask_permissions.is_some()) { | |
1018 | acl_group_obj = Some(GroupObject { permissions: gop }); | |
1019 | } | |
1020 | ||
1021 | metadata.acl.users = acl_user; | |
1022 | metadata.acl.groups = acl_group; | |
9f40e09d | 1023 | metadata.acl.group_obj = acl_group_obj; |
c443f58b WB |
1024 | } |
1025 | acl::ACL_TYPE_DEFAULT => { | |
1026 | if user_obj_permissions != None | |
1027 | || group_obj_permissions != None | |
1028 | || other_permissions != None | |
1029 | || mask_permissions != None | |
1030 | { | |
1031 | acl_default = Some(pxar_acl::Default { | |
1032 | // The value is set to UINT64_MAX as placeholder if one | |
1033 | // of the permissions is not set | |
1034 | user_obj_permissions: user_obj_permissions.unwrap_or(Permissions::NO_MASK), | |
1035 | group_obj_permissions: group_obj_permissions.unwrap_or(Permissions::NO_MASK), | |
1036 | other_permissions: other_permissions.unwrap_or(Permissions::NO_MASK), | |
1037 | mask_permissions: mask_permissions.unwrap_or(Permissions::NO_MASK), | |
1038 | }); | |
1039 | } | |
1040 | ||
1041 | metadata.acl.default_users = acl_user; | |
1042 | metadata.acl.default_groups = acl_group; | |
9f40e09d | 1043 | metadata.acl.default = acl_default; |
c443f58b WB |
1044 | } |
1045 | _ => bail!("Unexpected ACL type encountered"), | |
1046 | } | |
1047 | ||
c443f58b WB |
1048 | Ok(()) |
1049 | } | |
239e49f9 WB |
1050 | |
1051 | /// Note that our pattern lists are "positive". `MatchType::Include` means the file is included. | |
1052 | /// Since we are generating an *exclude* list, we need to invert this, so includes get a `'!'` | |
1053 | /// prefix. | |
1054 | fn generate_pxar_excludes_cli(patterns: &[MatchEntry]) -> Vec<u8> { | |
8d841f81 | 1055 | use pathpatterns::MatchPattern; |
239e49f9 WB |
1056 | |
1057 | let mut content = Vec::new(); | |
1058 | ||
1059 | for pattern in patterns { | |
1060 | match pattern.match_type() { | |
1061 | MatchType::Include => content.push(b'!'), | |
1062 | MatchType::Exclude => (), | |
1063 | } | |
1064 | ||
1065 | match pattern.pattern() { | |
1066 | MatchPattern::Literal(lit) => content.extend(lit), | |
1067 | MatchPattern::Pattern(pat) => content.extend(pat.pattern().to_bytes()), | |
1068 | } | |
1069 | ||
1070 | if pattern.match_flags() == MatchFlag::MATCH_DIRECTORIES && content.last() != Some(&b'/') { | |
1071 | content.push(b'/'); | |
1072 | } | |
1073 | ||
1074 | content.push(b'\n'); | |
1075 | } | |
1076 | ||
1077 | content | |
1078 | } |