1 use std
::collections
::{HashSet, HashMap}
;
2 use std
::ffi
::{CStr, CString, OsStr}
;
4 use std
::io
::{self, Read, Write}
;
5 use std
::os
::unix
::ffi
::OsStrExt
;
6 use std
::os
::unix
::io
::{AsRawFd, FromRawFd, IntoRawFd, RawFd}
;
7 use std
::path
::{Path, PathBuf}
;
9 use anyhow
::{bail, format_err, Error}
;
11 use nix
::errno
::Errno
;
12 use nix
::fcntl
::OFlag
;
13 use nix
::sys
::stat
::{FileStat, Mode}
;
15 use pathpatterns
::{MatchEntry, MatchFlag, MatchList, MatchType, PatternFlag}
;
17 use pxar
::encoder
::LinkOffset
;
20 use proxmox
::sys
::error
::SysError
;
21 use proxmox
::tools
::fd
::RawFdNum
;
22 use proxmox
::tools
::vec
;
24 use crate::pxar
::catalog
::BackupCatalogWriter
;
25 use crate::pxar
::metadata
::errno_is_unsupported
;
26 use crate::pxar
::Flags
;
27 use crate::pxar
::tools
::assert_single_path_component
;
28 use crate::tools
::{acl, fs, xattr, Fd}
;
30 /// Pxar options for creating a pxar archive/stream
31 #[derive(Default, Clone)]
32 pub struct PxarCreateOptions
{
33 /// Device/mountpoint st_dev numbers that should be included. None for no limitation.
34 pub device_set
: Option
<HashSet
<u64>>,
35 /// Exclusion patterns
36 pub patterns
: Vec
<MatchEntry
>,
37 /// Maximum number of entries to hold in memory
38 pub entries_max
: usize,
39 /// Skip lost+found directory
40 pub skip_lost_and_found
: bool
,
46 fn detect_fs_type(fd
: RawFd
) -> Result
<i64, Error
> {
47 let mut fs_stat
= std
::mem
::MaybeUninit
::uninit();
48 let res
= unsafe { libc::fstatfs(fd, fs_stat.as_mut_ptr()) }
;
50 let fs_stat
= unsafe { fs_stat.assume_init() }
;
56 pub fn is_virtual_file_system(magic
: i64) -> bool
{
57 use proxmox
::sys
::linux
::magic
::*;
59 matches
!(magic
, BINFMTFS_MAGIC
|
66 FUSE_CTL_SUPER_MAGIC
|
86 fn new(path
: PathBuf
, error
: Error
) -> Self {
91 impl std
::error
::Error
for ArchiveError {}
93 impl fmt
::Display
for ArchiveError
{
94 fn fmt(&self, f
: &mut fmt
::Formatter
) -> fmt
::Result
{
95 write
!(f
, "error at {:?}: {}", self.path
, self.error
)
99 #[derive(Eq, PartialEq, Hash)]
100 struct HardLinkInfo
{
105 /// TODO: make a builder for the create_archive call for fewer parameters and add a method to add a
106 /// logger which does not write to stderr.
109 impl std
::io
::Write
for Logger
{
110 fn write(&mut self, data
: &[u8]) -> io
::Result
<usize> {
111 std
::io
::stderr().write(data
)
114 fn flush(&mut self) -> io
::Result
<()> {
115 std
::io
::stderr().flush()
119 /// And the error case.
120 struct ErrorReporter
;
122 impl std
::io
::Write
for ErrorReporter
{
123 fn write(&mut self, data
: &[u8]) -> io
::Result
<usize> {
124 std
::io
::stderr().write(data
)
127 fn flush(&mut self) -> io
::Result
<()> {
128 std
::io
::stderr().flush()
132 struct Archiver
<'a
, 'b
> {
133 feature_flags
: Flags
,
134 fs_feature_flags
: Flags
,
136 patterns
: Vec
<MatchEntry
>,
137 callback
: &'a
mut dyn FnMut(&Path
) -> Result
<(), Error
>,
138 catalog
: Option
<&'b
mut dyn BackupCatalogWriter
>,
140 entry_counter
: usize,
142 current_st_dev
: libc
::dev_t
,
143 device_set
: Option
<HashSet
<u64>>,
144 hardlinks
: HashMap
<HardLinkInfo
, (PathBuf
, LinkOffset
)>,
145 errors
: ErrorReporter
,
147 file_copy_buffer
: Vec
<u8>,
150 type Encoder
<'a
, 'b
> = pxar
::encoder
::Encoder
<'a
, &'b
mut dyn pxar
::encoder
::SeqWrite
>;
152 pub fn create_archive
<T
, F
>(
155 feature_flags
: Flags
,
157 catalog
: Option
<&mut dyn BackupCatalogWriter
>,
158 options
: PxarCreateOptions
,
159 ) -> Result
<(), Error
>
161 T
: pxar
::encoder
::SeqWrite
,
162 F
: FnMut(&Path
) -> Result
<(), Error
>,
164 let fs_magic
= detect_fs_type(source_dir
.as_raw_fd())?
;
165 if is_virtual_file_system(fs_magic
) {
166 bail
!("refusing to backup a virtual file system");
169 let fs_feature_flags
= Flags
::from_magic(fs_magic
);
171 let stat
= nix
::sys
::stat
::fstat(source_dir
.as_raw_fd())?
;
172 let metadata
= get_metadata(
173 source_dir
.as_raw_fd(),
175 feature_flags
& fs_feature_flags
,
178 .map_err(|err
| format_err
!("failed to get metadata for source directory: {}", err
))?
;
180 let mut device_set
= options
.device_set
.clone();
181 if let Some(ref mut set
) = device_set
{
182 set
.insert(stat
.st_dev
);
185 let writer
= &mut writer
as &mut dyn pxar
::encoder
::SeqWrite
;
186 let mut encoder
= Encoder
::new(writer
, &metadata
)?
;
188 let mut patterns
= options
.patterns
.clone();
190 if options
.skip_lost_and_found
{
191 patterns
.push(MatchEntry
::parse_pattern(
193 PatternFlag
::PATH_NAME
,
198 let mut archiver
= Archiver
{
202 callback
: &mut callback
,
205 path
: PathBuf
::new(),
207 entry_limit
: options
.entries_max
,
208 current_st_dev
: stat
.st_dev
,
210 hardlinks
: HashMap
::new(),
211 errors
: ErrorReporter
,
213 file_copy_buffer
: vec
::undefined(4 * 1024 * 1024),
216 archiver
.archive_dir_contents(&mut encoder
, source_dir
, true)?
;
221 struct FileListEntry
{
227 impl<'a
, 'b
> Archiver
<'a
, 'b
> {
228 /// Get the currently effective feature flags. (Requested flags masked by the file system
230 fn flags(&self) -> Flags
{
231 self.feature_flags
& self.fs_feature_flags
234 fn wrap_err(&self, err
: Error
) -> Error
{
235 if err
.downcast_ref
::<ArchiveError
>().is_some() {
238 ArchiveError
::new(self.path
.clone(), err
).into()
242 fn archive_dir_contents(
244 encoder
: &mut Encoder
,
247 ) -> Result
<(), Error
> {
248 let entry_counter
= self.entry_counter
;
250 let old_patterns_count
= self.patterns
.len();
251 self.read_pxar_excludes(dir
.as_raw_fd())?
;
253 let mut file_list
= self.generate_directory_file_list(&mut dir
, is_root
)?
;
255 if is_root
&& old_patterns_count
> 0 {
256 file_list
.push(FileListEntry
{
257 name
: CString
::new(".pxarexclude-cli").unwrap(),
258 path
: PathBuf
::new(),
259 stat
: unsafe { std::mem::zeroed() }
,
263 let dir_fd
= dir
.as_raw_fd();
265 let old_path
= std
::mem
::take(&mut self.path
);
267 for file_entry
in file_list
{
268 let file_name
= file_entry
.name
.to_bytes();
270 if is_root
&& file_name
== b
".pxarexclude-cli" {
271 self.encode_pxarexclude_cli(encoder
, &file_entry
.name
, old_patterns_count
)?
;
275 (self.callback
)(&file_entry
.path
)?
;
276 self.path
= file_entry
.path
;
277 self.add_entry(encoder
, dir_fd
, &file_entry
.name
, &file_entry
.stat
)
278 .map_err(|err
| self.wrap_err(err
))?
;
280 self.path
= old_path
;
281 self.entry_counter
= entry_counter
;
282 self.patterns
.truncate(old_patterns_count
);
287 /// openat() wrapper which allows but logs `EACCES` and turns `ENOENT` into `None`.
289 /// The `existed` flag is set when iterating through a directory to note that we know the file
290 /// is supposed to exist and we should warn if it doesnt'.
297 ) -> Result
<Option
<Fd
>, Error
> {
298 // common flags we always want to use:
299 let oflags
= oflags
| OFlag
::O_CLOEXEC
| OFlag
::O_NOCTTY
;
301 let mut noatime
= OFlag
::O_NOATIME
;
303 return match Fd
::openat(
304 &unsafe { RawFdNum::from_raw_fd(parent) }
,
309 Ok(fd
) => Ok(Some(fd
)),
310 Err(nix
::Error
::Sys(Errno
::ENOENT
)) => {
312 self.report_vanished_file()?
;
316 Err(nix
::Error
::Sys(Errno
::EACCES
)) => {
317 writeln
!(self.errors
, "failed to open file: {:?}: access denied", file_name
)?
;
320 Err(nix
::Error
::Sys(Errno
::EPERM
)) if !noatime
.is_empty() => {
321 // Retry without O_NOATIME:
322 noatime
= OFlag
::empty();
325 Err(other
) => Err(Error
::from(other
)),
330 fn read_pxar_excludes(&mut self, parent
: RawFd
) -> Result
<(), Error
> {
331 let fd
= match self.open_file(parent
, c_str
!(".pxarexclude"), OFlag
::O_RDONLY
, false)?
{
333 None
=> return Ok(()),
336 let old_pattern_count
= self.patterns
.len();
338 let path_bytes
= self.path
.as_os_str().as_bytes();
340 let file
= unsafe { std::fs::File::from_raw_fd(fd.into_raw_fd()) }
;
343 for line
in io
::BufReader
::new(file
).split(b'
\n'
) {
344 let line
= match line
{
349 "ignoring .pxarexclude after read error in {:?}: {}",
353 self.patterns
.truncate(old_pattern_count
);
358 let line
= crate::tools
::strip_ascii_whitespace(&line
);
360 if line
.is_empty() || line
[0] == b'
#' {
365 let (line
, mode
, anchored
) = if line
[0] == b'
/'
{
366 buf
= Vec
::with_capacity(path_bytes
.len() + 1 + line
.len());
367 buf
.extend(path_bytes
);
369 (&buf
[..], MatchType
::Exclude
, true)
370 } else if line
.starts_with(b
"!/") {
371 // inverted case with absolute path
372 buf
= Vec
::with_capacity(path_bytes
.len() + line
.len());
373 buf
.extend(path_bytes
);
374 buf
.extend(&line
[1..]); // without the '!'
375 (&buf
[..], MatchType
::Include
, true)
376 } else if line
.starts_with(b
"!") {
377 (&line
[1..], MatchType
::Include
, false)
379 (line
, MatchType
::Exclude
, false)
382 match MatchEntry
::parse_pattern(line
, PatternFlag
::PATH_NAME
, mode
) {
385 self.patterns
.push(pattern
.add_flags(MatchFlag
::ANCHORED
));
387 self.patterns
.push(pattern
);
391 let _
= writeln
!(self.errors
, "bad pattern in {:?}: {}", self.path
, err
);
399 fn encode_pxarexclude_cli(
401 encoder
: &mut Encoder
,
403 patterns_count
: usize,
404 ) -> Result
<(), Error
> {
405 let content
= generate_pxar_excludes_cli(&self.patterns
[..patterns_count
]);
407 if let Some(ref mut catalog
) = self.catalog
{
408 catalog
.add_file(file_name
, content
.len() as u64, 0)?
;
411 let mut metadata
= Metadata
::default();
412 metadata
.stat
.mode
= pxar
::format
::mode
::IFREG
| 0o600;
414 let mut file
= encoder
.create_file(&metadata
, ".pxarexclude-cli", content
.len() as u64)?
;
415 file
.write_all(&content
)?
;
420 fn generate_directory_file_list(
424 ) -> Result
<Vec
<FileListEntry
>, Error
> {
425 let dir_fd
= dir
.as_raw_fd();
427 let mut file_list
= Vec
::new();
429 for file
in dir
.iter() {
432 let file_name
= file
.file_name().to_owned();
433 let file_name_bytes
= file_name
.to_bytes();
434 if file_name_bytes
== b
"." || file_name_bytes
== b
".." {
438 if is_root
&& file_name_bytes
== b
".pxarexclude-cli" {
442 let os_file_name
= OsStr
::from_bytes(file_name_bytes
);
443 assert_single_path_component(os_file_name
)?
;
444 let full_path
= self.path
.join(os_file_name
);
446 let stat
= match nix
::sys
::stat
::fstatat(
448 file_name
.as_c_str(),
449 nix
::fcntl
::AtFlags
::AT_SYMLINK_NOFOLLOW
,
452 Err(ref err
) if err
.not_found() => continue,
453 Err(err
) => bail
!("stat failed on {:?}: {}", full_path
, err
),
456 let match_path
= PathBuf
::from("/").join(full_path
.clone());
459 .matches(match_path
.as_os_str().as_bytes(), Some(stat
.st_mode
as u32))
460 == Some(MatchType
::Exclude
)
465 self.entry_counter
+= 1;
466 if self.entry_counter
> self.entry_limit
{
467 bail
!("exceeded allowed number of file entries (> {})",self.entry_limit
);
470 file_list
.push(FileListEntry
{
477 file_list
.sort_unstable_by(|a
, b
| a
.name
.cmp(&b
.name
));
482 fn report_vanished_file(&mut self) -> Result
<(), Error
> {
483 writeln
!(self.errors
, "warning: file vanished while reading: {:?}", self.path
)?
;
487 fn report_file_shrunk_while_reading(&mut self) -> Result
<(), Error
> {
490 "warning: file size shrunk while reading: {:?}, file will be padded with zeros!",
496 fn report_file_grew_while_reading(&mut self) -> Result
<(), Error
> {
499 "warning: file size increased while reading: {:?}, file will be truncated!",
507 encoder
: &mut Encoder
,
511 ) -> Result
<(), Error
> {
512 use pxar
::format
::mode
;
514 let file_mode
= stat
.st_mode
& libc
::S_IFMT
;
515 let open_mode
= if file_mode
== libc
::S_IFREG
|| file_mode
== libc
::S_IFDIR
{
521 let fd
= self.open_file(
524 open_mode
| OFlag
::O_RDONLY
| OFlag
::O_NOFOLLOW
,
530 None
=> return Ok(()),
533 let metadata
= get_metadata(fd
.as_raw_fd(), &stat
, self.flags(), self.fs_magic
)?
;
537 .matches(self.path
.as_os_str().as_bytes(), Some(stat
.st_mode
as u32))
538 == Some(MatchType
::Exclude
)
543 let file_name
: &Path
= OsStr
::from_bytes(c_file_name
.to_bytes()).as_ref();
544 match metadata
.file_type() {
546 let link_info
= HardLinkInfo
{
551 if stat
.st_nlink
> 1 {
552 if let Some((path
, offset
)) = self.hardlinks
.get(&link_info
) {
553 if let Some(ref mut catalog
) = self.catalog
{
554 catalog
.add_hardlink(c_file_name
)?
;
557 encoder
.add_hardlink(file_name
, path
, *offset
)?
;
563 let file_size
= stat
.st_size
as u64;
564 if let Some(ref mut catalog
) = self.catalog
{
565 catalog
.add_file(c_file_name
, file_size
, stat
.st_mtime
)?
;
568 let offset
: LinkOffset
=
569 self.add_regular_file(encoder
, fd
, file_name
, &metadata
, file_size
)?
;
571 if stat
.st_nlink
> 1 {
572 self.hardlinks
.insert(link_info
, (self.path
.clone(), offset
));
578 let dir
= Dir
::from_fd(fd
.into_raw_fd())?
;
580 if let Some(ref mut catalog
) = self.catalog
{
581 catalog
.start_directory(c_file_name
)?
;
583 let result
= self.add_directory(encoder
, dir
, c_file_name
, &metadata
, stat
);
584 if let Some(ref mut catalog
) = self.catalog
{
585 catalog
.end_directory()?
;
590 if let Some(ref mut catalog
) = self.catalog
{
591 catalog
.add_socket(c_file_name
)?
;
594 Ok(encoder
.add_socket(&metadata
, file_name
)?
)
597 if let Some(ref mut catalog
) = self.catalog
{
598 catalog
.add_fifo(c_file_name
)?
;
601 Ok(encoder
.add_fifo(&metadata
, file_name
)?
)
604 if let Some(ref mut catalog
) = self.catalog
{
605 catalog
.add_symlink(c_file_name
)?
;
608 self.add_symlink(encoder
, fd
, file_name
, &metadata
)
611 if let Some(ref mut catalog
) = self.catalog
{
612 catalog
.add_block_device(c_file_name
)?
;
615 self.add_device(encoder
, file_name
, &metadata
, &stat
)
618 if let Some(ref mut catalog
) = self.catalog
{
619 catalog
.add_char_device(c_file_name
)?
;
622 self.add_device(encoder
, file_name
, &metadata
, &stat
)
625 "encountered unknown file type: 0x{:x} (0o{:o})",
634 encoder
: &mut Encoder
,
639 ) -> Result
<(), Error
> {
640 let dir_name
= OsStr
::from_bytes(dir_name
.to_bytes());
642 let mut encoder
= encoder
.create_directory(dir_name
, &metadata
)?
;
644 let old_fs_magic
= self.fs_magic
;
645 let old_fs_feature_flags
= self.fs_feature_flags
;
646 let old_st_dev
= self.current_st_dev
;
648 let mut skip_contents
= false;
649 if old_st_dev
!= stat
.st_dev
{
650 self.fs_magic
= detect_fs_type(dir
.as_raw_fd())?
;
651 self.fs_feature_flags
= Flags
::from_magic(self.fs_magic
);
652 self.current_st_dev
= stat
.st_dev
;
654 if is_virtual_file_system(self.fs_magic
) {
655 skip_contents
= true;
656 } else if let Some(set
) = &self.device_set
{
657 skip_contents
= !set
.contains(&stat
.st_dev
);
661 let result
= if skip_contents
{
662 writeln
!(self.logger
, "skipping mount point: {:?}", self.path
)?
;
665 self.archive_dir_contents(&mut encoder
, dir
, false)
668 self.fs_magic
= old_fs_magic
;
669 self.fs_feature_flags
= old_fs_feature_flags
;
670 self.current_st_dev
= old_st_dev
;
678 encoder
: &mut Encoder
,
683 ) -> Result
<LinkOffset
, Error
> {
684 let mut file
= unsafe { std::fs::File::from_raw_fd(fd.into_raw_fd()) }
;
685 let mut remaining
= file_size
;
686 let mut out
= encoder
.create_file(metadata
, file_name
, file_size
)?
;
687 while remaining
!= 0 {
688 let mut got
= match file
.read(&mut self.file_copy_buffer
[..]) {
691 Err(err
) if err
.kind() == std
::io
::ErrorKind
::Interrupted
=> continue,
692 Err(err
) => bail
!(err
),
694 if got
as u64 > remaining
{
695 self.report_file_grew_while_reading()?
;
696 got
= remaining
as usize;
698 out
.write_all(&self.file_copy_buffer
[..got
])?
;
699 remaining
-= got
as u64;
702 self.report_file_shrunk_while_reading()?
;
703 let to_zero
= remaining
.min(self.file_copy_buffer
.len() as u64) as usize;
704 vec
::clear(&mut self.file_copy_buffer
[..to_zero
]);
705 while remaining
!= 0 {
706 let fill
= remaining
.min(self.file_copy_buffer
.len() as u64) as usize;
707 out
.write_all(&self.file_copy_buffer
[..fill
])?
;
708 remaining
-= fill
as u64;
712 Ok(out
.file_offset())
717 encoder
: &mut Encoder
,
721 ) -> Result
<(), Error
> {
722 let dest
= nix
::fcntl
::readlinkat(fd
.as_raw_fd(), &b
""[..])?
;
723 encoder
.add_symlink(metadata
, file_name
, dest
)?
;
729 encoder
: &mut Encoder
,
733 ) -> Result
<(), Error
> {
734 Ok(encoder
.add_device(
737 pxar
::format
::Device
::from_dev_t(stat
.st_rdev
),
742 fn get_metadata(fd
: RawFd
, stat
: &FileStat
, flags
: Flags
, fs_magic
: i64) -> Result
<Metadata
, Error
> {
743 // required for some of these
744 let proc_path
= Path
::new("/proc/self/fd/").join(fd
.to_string());
746 let mut meta
= Metadata
{
748 mode
: u64::from(stat
.st_mode
),
752 mtime
: pxar
::format
::StatxTimestamp
{
754 nanos
: stat
.st_mtime_nsec
as u32,
760 get_xattr_fcaps_acl(&mut meta
, fd
, &proc_path
, flags
)?
;
761 get_chattr(&mut meta
, fd
)?
;
762 get_fat_attr(&mut meta
, fd
, fs_magic
)?
;
763 get_quota_project_id(&mut meta
, fd
, flags
, fs_magic
)?
;
767 fn get_fcaps(meta
: &mut Metadata
, fd
: RawFd
, flags
: Flags
) -> Result
<(), Error
> {
768 if flags
.contains(Flags
::WITH_FCAPS
) {
772 match xattr
::fgetxattr(fd
, xattr
::xattr_name_fcaps()) {
774 meta
.fcaps
= Some(pxar
::format
::FCaps { data }
);
777 Err(Errno
::ENODATA
) => Ok(()),
778 Err(Errno
::EOPNOTSUPP
) => Ok(()),
779 Err(Errno
::EBADF
) => Ok(()), // symlinks
780 Err(err
) => bail
!("failed to read file capabilities: {}", err
),
784 fn get_xattr_fcaps_acl(
789 ) -> Result
<(), Error
> {
790 if flags
.contains(Flags
::WITH_XATTRS
) {
794 let xattrs
= match xattr
::flistxattr(fd
) {
796 Err(Errno
::EOPNOTSUPP
) => return Ok(()),
797 Err(Errno
::EBADF
) => return Ok(()), // symlinks
798 Err(err
) => bail
!("failed to read xattrs: {}", err
),
801 for attr
in &xattrs
{
802 if xattr
::is_security_capability(&attr
) {
803 get_fcaps(meta
, fd
, flags
)?
;
807 if xattr
::is_acl(&attr
) {
808 get_acl(meta
, proc_path
, flags
)?
;
812 if !xattr
::is_valid_xattr_name(&attr
) {
816 match xattr
::fgetxattr(fd
, attr
) {
819 .push(pxar
::format
::XAttr
::new(attr
.to_bytes(), data
)),
820 Err(Errno
::ENODATA
) => (), // it got removed while we were iterating...
821 Err(Errno
::EOPNOTSUPP
) => (), // shouldn't be possible so just ignore this
822 Err(Errno
::EBADF
) => (), // symlinks, shouldn't be able to reach this either
823 Err(err
) => bail
!("error reading extended attribute {:?}: {}", attr
, err
),
830 fn get_chattr(metadata
: &mut Metadata
, fd
: RawFd
) -> Result
<(), Error
> {
831 let mut attr
: libc
::c_long
= 0;
833 match unsafe { fs::read_attr_fd(fd, &mut attr) }
{
835 Err(nix
::Error
::Sys(errno
)) if errno_is_unsupported(errno
) => {
838 Err(err
) => bail
!("failed to read file attributes: {}", err
),
841 metadata
.stat
.flags
|= Flags
::from_chattr(attr
).bits();
846 fn get_fat_attr(metadata
: &mut Metadata
, fd
: RawFd
, fs_magic
: i64) -> Result
<(), Error
> {
847 use proxmox
::sys
::linux
::magic
::*;
849 if fs_magic
!= MSDOS_SUPER_MAGIC
&& fs_magic
!= FUSE_SUPER_MAGIC
{
853 let mut attr
: u32 = 0;
855 match unsafe { fs::read_fat_attr_fd(fd, &mut attr) }
{
857 Err(nix
::Error
::Sys(errno
)) if errno_is_unsupported(errno
) => {
860 Err(err
) => bail
!("failed to read fat attributes: {}", err
),
863 metadata
.stat
.flags
|= Flags
::from_fat_attr(attr
).bits();
868 /// Read the quota project id for an inode, supported on ext4/XFS/FUSE/ZFS filesystems
869 fn get_quota_project_id(
870 metadata
: &mut Metadata
,
874 ) -> Result
<(), Error
> {
875 if !(metadata
.is_dir() || metadata
.is_regular_file()) {
879 if flags
.contains(Flags
::WITH_QUOTA_PROJID
) {
883 use proxmox
::sys
::linux
::magic
::*;
886 EXT4_SUPER_MAGIC
| XFS_SUPER_MAGIC
| FUSE_SUPER_MAGIC
| ZFS_SUPER_MAGIC
=> (),
890 let mut fsxattr
= fs
::FSXAttr
::default();
891 let res
= unsafe { fs::fs_ioc_fsgetxattr(fd, &mut fsxattr) }
;
893 // On some FUSE filesystems it can happen that ioctl is not supported.
894 // For these cases projid is set to 0 while the error is ignored.
895 if let Err(err
) = res
{
898 .ok_or_else(|| format_err
!("error while reading quota project id"))?
;
899 if errno_is_unsupported(errno
) {
902 bail
!("error while reading quota project id ({})", errno
);
906 let projid
= fsxattr
.fsx_projid
as u64;
908 metadata
.quota_project_id
= Some(pxar
::format
::QuotaProjectId { projid }
);
913 fn get_acl(metadata
: &mut Metadata
, proc_path
: &Path
, flags
: Flags
) -> Result
<(), Error
> {
914 if flags
.contains(Flags
::WITH_ACL
) {
918 if metadata
.is_symlink() {
922 get_acl_do(metadata
, proc_path
, acl
::ACL_TYPE_ACCESS
)?
;
924 if metadata
.is_dir() {
925 get_acl_do(metadata
, proc_path
, acl
::ACL_TYPE_DEFAULT
)?
;
932 metadata
: &mut Metadata
,
934 acl_type
: acl
::ACLType
,
935 ) -> Result
<(), Error
> {
936 // In order to be able to get ACLs with type ACL_TYPE_DEFAULT, we have
937 // to create a path for acl_get_file(). acl_get_fd() only allows to get
938 // ACL_TYPE_ACCESS attributes.
939 let acl
= match acl
::ACL
::get_file(&proc_path
, acl_type
) {
941 // Don't bail if underlying endpoint does not support acls
942 Err(Errno
::EOPNOTSUPP
) => return Ok(()),
943 // Don't bail if the endpoint cannot carry acls
944 Err(Errno
::EBADF
) => return Ok(()),
945 // Don't bail if there is no data
946 Err(Errno
::ENODATA
) => return Ok(()),
947 Err(err
) => bail
!("error while reading ACL - {}", err
),
950 process_acl(metadata
, acl
, acl_type
)
954 metadata
: &mut Metadata
,
956 acl_type
: acl
::ACLType
,
957 ) -> Result
<(), Error
> {
958 use pxar
::format
::acl
as pxar_acl
;
959 use pxar
::format
::acl
::{Group, GroupObject, Permissions, User}
;
961 let mut acl_user
= Vec
::new();
962 let mut acl_group
= Vec
::new();
963 let mut acl_group_obj
= None
;
964 let mut acl_default
= None
;
965 let mut user_obj_permissions
= None
;
966 let mut group_obj_permissions
= None
;
967 let mut other_permissions
= None
;
968 let mut mask_permissions
= None
;
970 for entry
in &mut acl
.entries() {
971 let tag
= entry
.get_tag_type()?
;
972 let permissions
= entry
.get_permissions()?
;
974 acl
::ACL_USER_OBJ
=> user_obj_permissions
= Some(Permissions(permissions
)),
975 acl
::ACL_GROUP_OBJ
=> group_obj_permissions
= Some(Permissions(permissions
)),
976 acl
::ACL_OTHER
=> other_permissions
= Some(Permissions(permissions
)),
977 acl
::ACL_MASK
=> mask_permissions
= Some(Permissions(permissions
)),
980 uid
: entry
.get_qualifier()?
,
981 permissions
: Permissions(permissions
),
985 acl_group
.push(Group
{
986 gid
: entry
.get_qualifier()?
,
987 permissions
: Permissions(permissions
),
990 _
=> bail
!("Unexpected ACL tag encountered!"),
998 acl
::ACL_TYPE_ACCESS
=> {
999 // The mask permissions are mapped to the stat group permissions
1000 // in case that the ACL group permissions were set.
1001 // Only in that case we need to store the group permissions,
1002 // in the other cases they are identical to the stat group permissions.
1003 if let (Some(gop
), true) = (group_obj_permissions
, mask_permissions
.is_some()) {
1004 acl_group_obj
= Some(GroupObject { permissions: gop }
);
1007 metadata
.acl
.users
= acl_user
;
1008 metadata
.acl
.groups
= acl_group
;
1010 acl
::ACL_TYPE_DEFAULT
=> {
1011 if user_obj_permissions
!= None
1012 || group_obj_permissions
!= None
1013 || other_permissions
!= None
1014 || mask_permissions
!= None
1016 acl_default
= Some(pxar_acl
::Default
{
1017 // The value is set to UINT64_MAX as placeholder if one
1018 // of the permissions is not set
1019 user_obj_permissions
: user_obj_permissions
.unwrap_or(Permissions
::NO_MASK
),
1020 group_obj_permissions
: group_obj_permissions
.unwrap_or(Permissions
::NO_MASK
),
1021 other_permissions
: other_permissions
.unwrap_or(Permissions
::NO_MASK
),
1022 mask_permissions
: mask_permissions
.unwrap_or(Permissions
::NO_MASK
),
1026 metadata
.acl
.default_users
= acl_user
;
1027 metadata
.acl
.default_groups
= acl_group
;
1029 _
=> bail
!("Unexpected ACL type encountered"),
1032 metadata
.acl
.group_obj
= acl_group_obj
;
1033 metadata
.acl
.default = acl_default
;
1038 /// Note that our pattern lists are "positive". `MatchType::Include` means the file is included.
1039 /// Since we are generating an *exclude* list, we need to invert this, so includes get a `'!'`
1041 fn generate_pxar_excludes_cli(patterns
: &[MatchEntry
]) -> Vec
<u8> {
1042 use pathpatterns
::MatchPattern
;
1044 let mut content
= Vec
::new();
1046 for pattern
in patterns
{
1047 match pattern
.match_type() {
1048 MatchType
::Include
=> content
.push(b'
!'
),
1049 MatchType
::Exclude
=> (),
1052 match pattern
.pattern() {
1053 MatchPattern
::Literal(lit
) => content
.extend(lit
),
1054 MatchPattern
::Pattern(pat
) => content
.extend(pat
.pattern().to_bytes()),
1057 if pattern
.match_flags() == MatchFlag
::MATCH_DIRECTORIES
&& content
.last() != Some(&b'
/'
) {
1061 content
.push(b'
\n'
);