Bug 7382 - Fails to copy with ACL issue if src user is unknown (OSX 10.6 only)
Fails to copy with ACL issue if src user is unknown (OSX 10.6 only)
Status: ASSIGNED
Product: rsync
Classification: Unclassified
Component: core
3.0.7
All Mac OS X
: P3 normal
: ---
Assigned To: Wayne Davison
Rsync QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2010-04-21 17:43 UTC by David Sanner
Modified: 2011-10-11 22:35 UTC (History)
1 user (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description David Sanner 2010-04-21 17:43:15 UTC
If src file or directory (with certain ACLs) was created by a user that is unknown on local machine rsync will fail to copy.  This issue is new for OSX 10.6.(3) and does happen with 10.5.8   note:/bin/cp works fine.

Example

Definitions:
DIR-LOCAL-USER : Src directory created by a local user on local machine.
DIR-UNKNOWN-USER : Src directory created by local user on another machine. 
                   Directory/Disk was then mounted on local machine.
DIRB : target dir on local machine
rsync: rsync 3.0.7 running on OSX 10.6.3 


--- rsync works when src dir was created by local user ---

ls -lde  DIR-LOCAL-USER              
drwx-wx-wx+ 3 admin  staff  102 Apr  1 10:59 DIR-LOCAL-USER
 0: user:admin allow list,add_file,search,delete,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,writesecurity,chown,file_inherit,directory_inherit

rsync -aA  DIR-LOCAL-USER  DIRB

ls -lde DIRB
drwx-wx-wx+ 3 admin  staff  102 Apr  1 10:59 DB
 0: user:admin allow list,add_file,search,delete,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,writesecurity,chown,file_inherit,directory_inherit


---  rsync 3.0.7 fails with acl issue if user is unknown ----

ls -lde DIR-UNKNOWN-USER
drwx-wx-wx+ 3 2195  staff  102 Jun  4  2009 DIR-UNKNOWN-USER
 0: FFFFEEEE-DDDD-CCCC-BBBB-AAAA00000893 allow list,add_file,search,delete,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,writesecurity,chown,file_inherit,directory_inherit

rsync -aA  DIR-UNKNOWN-USER DIRB
rsync: unpack_smb_acl: sys_acl_get_info(): Unknown error: 0 (0)
rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1040) [sender=3.0.5]

ls -lde DIRB
ls: DB: No such file or directory


---  OSX 10.6.3 cp works fine ----

/bin/cp -ap  DIR-UNKNOWN-USER DIRB

ls -lde DB
drwx-wx-wx+ 3 2195  staff  102 Jun  4  2009 DIRB
 0: FFFFEEEE-DDDD-CCCC-BBBB-AAAA00000893 allow list,add_file,search,delete,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,writesecurity,chown,file_inherit,directory_inherit

---------  same issue with remote machine copy ----

Also note this fails when copying dir from a remote machine:

rsync -aAe ssh remote-machine:/DIR-UNKNOWN-USER DIRB

error result looks like this:
pack_smb_acl sys_acl_set_info(): Operation not supported
Comment 1 David Sanner 2010-04-27 15:02:31 UTC
Issue seems to be from failed call to
mbr_uuid_to_id at line 2642 of lib/sysacls.c :

rc = mbr_uuid_to_id(*uup, u_g_id_p, &id_type);

If user is unknown in OSX 10.5 this call returns 0
and u_g_id_p is set as well as id_type.

This function call fails in OSX 10.6, return code 2.

Test machine is not part of any network directory service.
Comment 2 Wayne Davison 2010-05-02 18:06:13 UTC
Yeah, the ACL structures must have a user and group, represented internally by ID number (32 bits max).  To work around this, we'd need to make the mac ACL info get turned into xattr info (which can hold arbitrary data), and then turned back into ACL info on the receiving side.  That should allow the larger ID values to get copied exactly (without any translation, which may be what you need).

Possible implementation options:
1. have the -A try to translate the value into a uid+gid, and if that fails, add the ACL data to the xattr data (failing or warning if the copying of xattrs was not enabled).
2. have an option to send all ACL data as xattr data.
Comment 3 David Sanner 2010-05-06 18:00:55 UTC
Supporting ACL's transferred via xattr sounds like a good 
route...

But why would OSX 10.5 be able to copy these files and
keep their ACL's intact but not 10.6 ?

Comment 4 tskyblue 2011-10-11 22:06:38 UTC
(In reply to comment #3)
> Supporting ACL's transferred via xattr sounds like a good 
> route...
> 
> But why would OSX 10.5 be able to copy these files and
> keep their ACL's intact but not 10.6 ?
Comment 5 tskyblue 2011-10-11 22:26:31 UTC
ASSIGNED
Comment 6 tskyblue 2011-10-11 22:27:02 UTC
ASSIGNED
Comment 8 tskyblue 2011-10-11 22:35:21 UTC
ASSIGNED